ACCELERATED NETWORK ANOMALY IDENTIFICATION WITH GENETIC ALGORIMTHS (GA) METHOD, SUPPORT VECTOR MACHINE (SVM) & RECURSIVE FEATURE REMOVAL

Authors: Abubakar Ibrahim Muhammad (Department of Mechatronics Engineering,Kaduna Polytechnic Nigeria) ,Kabir Mustapha Muhammad (Department of Electrical and Electronics Engineering, Kaduna Polytechnic Nigeria),Ibrahim Shamsuddeen (Department of Electrical and Electronics Engineering,Kaduna Polytechnic Nigeria)

Journal:Nigerian Journal Of Technical Education | Volume: 24 | Issue: 1 | Pages: 113 -127

Keywords:Anomaly Detection, Support Vector Machines, Genetic Algorithm, Radial Basis Function (RBF) Kernel, Recursive Feature Selection

Abstract

Finding odd trends and possible dangers in network data is the goal of network anomaly identification, a crucial cybersecurity activity. Support vector machines (SVMs) and other machine learning (ML) algorithms are frequently used in existing solutions. However, complicated, non-linear correlations in network data may be difficult for typical SVMs with fixed kernels to grasp, which could result in less-than-ideal detection performance. Furthermore, choosing the appropriate hyperparameters is frequently a difficult task. In this study, we examine the use of SVMs for network anomaly detection using several kernels (linear, sigmoid, polynomial, and radial basis function (RBF)). We expand our investigation to include genetic algorithm (GA)-based RBF kernel optimization for fine-tuning crucial hyperparameters (C and Gamma). Simultaneously, we incorporate recursive feature elimination (RFE) to achieve optimal feature selection and improve the discriminatory ability of the model. Our study uses a standard dataset with more than 40 features and over 40,000 training examples that has been carefully reprocessed in order to assess our suggested technique. A thorough assessment utilizing 10-fold cross-validation was carried out, and the result was a final validation on a different test dataset. Our empirical findings demonstrate that, when combined with RFE and GA-optimized hyperparameters, the GA-RBF-SVM model outperforms the other SVM variations. With 99.46% accuracy on the test dataset and 99.39% accuracy on validation data, this arrangement performs remarkably well. Our research also includes sophisticated (ensemble) ML methods, all of which exhibit outstanding performance benchmarks. This study shows that RBF-kernel based SVMs can outperform sophisticated machine learning algorithms in network anomaly detection when systematic parameter optimization and suitable feature selection are applied.