Research Article Open Access

An Ensemble of Gaussian Mixture Model and Support Vector Machines for Network Intrusion Detection

Olujimi Daniel Alao1, Sheriff Alimi2, Shade Oluwakemi Kuyoro2, Ruth Chinkata Amanze2, Adesina Kamorudeen Adio3 and Michael Oluwagbenga Agbaje2
  • 1 Department of Information Technology, Babcock University, Illishan, Nigeria
  • 2 Department of Computer Science, Babcock University, Illishan, Nigeria
  • 3 Department of Basic Sciences, Babcock University, Illishan, Nigeria

Abstract

NetworkIntrusion Detection Systems (NIDS) can protect computer networks and computersystems by detecting abnormal network packets and taking agreed action plans,such as notifying an administrator or rejecting the network packets. In this study,the aim is the implementation of NIDS with improved performance using anensemble of Support Vector Machines (SVMs) and the Gaussian Mixture Model(GMM). Four SVMs with Radial Basis Function (RBF), linear, polynomial, andsigmoid kernel functions, and a GMM were trained with the same portion withKnowledge Discovery and Data Mining Tools Competition (KDD 99) dataset, andanother portion of the dataset was used to evaluate the performance of therespective NIDS models. Finally, the five models were integrated to form an ensembleIntrusion Detection System (IDS) model and the same test dataset was used tovalidate its performance. The IDS model of SVM with RBF kernel function has thebest performance with precision, recall, f1score, accuracy, false acceptance rate, and false rejection rate of 99.88,99.67, 99.77, 99.82, 0.08, and 0.33% respectively. The ensemble model built bycombining the five trained models where each of them has equal voting rightsyields state-of-art performance, precision, recall, f1-score, accuracy, falseacceptance rate, and false rejection rate of 99.7, 99.4, 99.55, 99.65, 0.18 and0.59% respectively though it is below the performance of the SVM-RBF and theSVM-polynomial models. Ensemble models are expected to have better performancethan a single classifier, but the result of this research shows that this isnot applicable in all cases as the SVM with RBF kernel outperformed theensemble classifier.

Journal of Computer Science
Volume 18 No. 9, 2022, 868-876

DOI: https://doi.org/10.3844/jcssp.2022.868.876

Submitted On: 12 April 2022 Published On: 21 September 2022

How to Cite: Alao, O. D., Alimi, S., Kuyoro, S. O., Amanze, R. C., Adio, A. K. & Agbaje, M. O. (2022). An Ensemble of Gaussian Mixture Model and Support Vector Machines for Network Intrusion Detection. Journal of Computer Science, 18(9), 868-876. https://doi.org/10.3844/jcssp.2022.868.876

  • 2,240 Views
  • 973 Downloads
  • 0 Citations

Download

Keywords

  • Network Intrusion Detection
  • Gaussian Mixture Model
  • Support Vector Machines
  • Performance Metrics