New Intrusion Detection System Based on Support Vector Domain Description with Information Gain Metric

With the vulgarization of Internet, the easy access to its resources and the rapid growth in the number of computers and networks, the security of information systems has become a crucial topic of research and development especially in the field of intrusion detection. Techniques such as machine learning and data mining are widely used in anomaly-detection schemes to decide whether or not a malicious activity is taking place on a network. This paper presents a new intrusion detection system (IDS) based on information gain criterion to select relevant features from network traffic records and a new version of support vector domain description to classify the extracted features and to detect new intrusions. Experimental evaluation on NSL-KDD, a filtered version of the original KDD99 has shown that the proposed IDS can achieve good performance in terms of intrusions detection and recognition.