Table 25 Summary of ML for Hybrid Intrusion Detection
Ref. | ML Technique | Dataset | Features | Evaluation | |
|---|---|---|---|---|---|
| Â | Â | Â | Â | Settings | Results |
Mukkamala et al. [325] | Supervised RBF-SVM (Online) | KDD cup [257] | all 41 features | 7,312 training records -6,980 testing records -Platform used: SVMLight [224] | Accuracy: 99.5% Training time: 17.77 sec Testing Time: 1.63 sec |
Zhang et al. [494] | Hybrid Hierarchical-RBF (Online) | KDD Cup | all 41 features | -32,000 training records -32,000 testing records | SHIDS Normal DR:=99.5% |
| Â | Â | Â | Â | Â | SHIDS Normal FP: 1.2% |
| Â | Â | Â | Â | Â | SHIDS Attack DR: [98.2%-99.3%] |
| Â | Â | Â | Â | Â | SHIDS Attack FP: [0%-5.4%] |
| Â | Â | Â | Â | Â | PHIDS level 1 DR: 99.8% |
| Â | Â | Â | Â | Â | PHIDS level 1 DR:1.2% |
| Â | Â | Â | Â | Â | PHIDS level 2 DR:[98.8%-99.7%] |
| Â | Â | Â | Â | Â | PHIDS level 2 FP:[0%-4%] |
| Â | Â | Â | Â | Â | PHIDS level 3 DR: 86.9% |
| Â | Â | Â | Â | Â | PHIDS level 3 FP: 0% |
| Â | Â | Â | Â | Â | Training time: 5 min |
Depren et al. [116] | Hybrid SOM w./ J.48 (Offline) | KDD Cup | 6 basic features for SOM all 41 features for J.48 | -10-fold cross validation -Two-phases SOM Training -Phase 1 learning rate:0.6 -Phase 2 learning rate: 0.05 -Confidence Val. for J.48 pruning: 25% | DR: 99.9% Missed Rate: 0.1% FP: 1.25% |