Using weighted Support Vector Machine to address the imbalanced classes problem of Intrusion Detection System

Improving the intrusion detection system (IDS) is a pressing need for cyber security world.
With the growth of computer networks, there are constantly daily new attacks. Machine
Learning (ML) is one of the most important fields which have great contribution to address
the intrusion detection issues. One of these issues relates to the imbalance of the diverse
classes of network traffic. Accuracy paradox is a result of training ML algorithm with
imbalanced classes. Most of the previous efforts concern improving the overall accuracy of
these models which is truly important. However, even they improved the total accuracy of
the system; it fell in the accuracy paradox. The seriousness of the threat caused by the minor
classes and the pitfalls of the previous efforts to address this issue is the motive for this work.
In this paper, we consolidated stratified sampling, cost function and weighted Support
Vector Machine (WSVM) method to address the accuracy paradox of ID problem. This
model achieved good results of total accuracy and superior results in the small classes like
the User-To-Remote and Remote-To-Local attacks using the improved version of the
benchmark dataset KDDCup99 which is called NSL-KDD.