Abstract

Network attacks have become more pervasive in the cyber world. There are various attacks such as denial of service, scanning, privilege escalation that is increasing day by day leading towards the requirement of a more robust and adaptable security techniques. Anomaly detection is the main focus of our paper. Support Vector Machine (SVM) is one of the good classification algorithm applied specially for intrusion detection. However, its performance can be significantly improved when it is applied in integration with other classifiers. In this paper, we have performed a comparative analysis of SVM classifier's performance when it is stacked with other classifiers like BayesNet, AdaBoost, Logistic, IBK, J48, RandomForest, JRip, OneR and SimpleCart. Multi-Classifier algorithm have better classification power when compared to a single classifier algorithm specially for detecting low frequency attacks such as guess password, rootkits, spyware etc. Our preliminary analysis over NSL-KDD'99 dataset shows that stacking of SVM and Random Forest provides the best performance with accuracy of around 97.50% which apparently better than SVM (91.81%).