As the communication industry has connected distant corners of the globe using advances in network technology, intruders or attackers have also increased attacks on networking infrastructure commensurately. System administrators can attempt to prevent such attacks by using intrusion detection tools and systems. In recent years Machine Learning (ML) algorithms has been gaining popularity in Intrusion Detection system(IDS). Support Vector Machines (SVM) has become one of the popular ML algorithm used for intrusion detection due to their good generalization nature and the ability to overcome the curse of dimensionality. As quoted by different researchers number of dimensions still affects the performance of SVM-based IDS. Another issue quoted is that SVM treats every feature of data equally. In real intrusion detection datasets, many features are redundant or less important. It would be better if we consider feature weights during SVM training. This paper presents a study that incorporates Information Gain Ratio (IGR) and K-mean algorithm to SVM for intrusion detection. In purposed framework NSL-KDD dataset is ranked using IGR and later feature subset selection is done using K-mean algorithm.

1. Jackson, T. , Levine, J. , Grizzard, J. , and Owen, H. (2004). An investigation of a compromised host on a honeynet being used to increase the security of a large enterprise network. In Proceedings of the 2004 IEEE Workshop on Information Assurance and Security.
2. D. Dennin,. (1987) "An intrusion-detection model", IEEE Transactions on Software Engineering.
3. Pfleeger, C. and Pfleeger, S. (2003). Security in computing. Prentice Hall.
4. J. Frank, (1994) "Machine learning and intrusion detection: Current and future directions," in Proceedings of the National 17th Computer Security Conference, Washington,D. C.
5. Bauer, D. S. , &Koblentz, M. E. (1988). NIDX – an expert system for real-time networkintrusion detection.
6. Lee, W. , Stolfo, S. , &Mok, K. (1999). A Data Mining Framework for Building Intrusion Detection Model. Proc. IEEE Symp. Security and Privacy, 120-132.
7. Amor, N. B. , Benferhat, S. , &Elouedi, Z. (2004). Naive Bayes vs. Decision Trees in Intrusion Detection Systems. Proc. ACM Symp. Applied Computing, 420-424.
8. Mukkamala, S. , Janoski, G. , &Sung , A. (2002). Intrusion detection using neural networks and support vector machines. Paper presented at the International Joint Conference. on Neural Networks (IJCNN).
9. Shah, H. , Undercoffer, J. , & Joshi, A. (2003). Fuzzy Clustering for Intrusion Detection. Proc. 12th IEEE International Conference Fuzzy Systems (FUZZ-IEEE '03), 2, 1274-1278.
10. Ambwani, T. (2003). Multi class support vector machine implementation to intrusiondetection. Paper presented at the Proceedings of the International Joint Conference of Neural Networks.
11. Heba F. Eid, Ashraf Darwish, Aboul Ella Hassanien, and Ajith Abraham,(2010) Principle Components Analysis and Support Vector Machine based Intrusion Detection System,IEEE.
12. J. F Joseph,A. Das,B. C. Seet, (2011) Cross-Layer Detection of Sinking Behavior in Wireless Ad Hoc Networks Using SVM and FDA. IEEE Transaction on dependable and securecomputing, Vol. 8, No. 2, Marh-April 2011.
13. T. Shon, Y. Kim, C. Lee and J. Moon,(2005), A Machine Learning Framework for Network Anomaly Detection using SVM and GA, Proceedings of the 2005 IEEE.
14. SandyaPeddabachigari, Ajith Abraham, CrinaGrosan, Johanson Thomas (2005). Modeling Intrusion Detection Systems using Hybrid Intelligent Systems. Journal of Network and Computer Applications.
15. R. C. Chen, K. F Cheng and C. F Hsieh (2009),using support vector machine and rough set for network intrusion system.
16. KyawThetKhaing (2010),Recursive Feature Elimination (RFE) and k-Nearest Neighbor (KNN) in SVM.
17. NSL-KDD Data set for Network-based Intrusion Detection Systems. Available at: http://nsl. cs. unb. ca/NSL-KDD.
18. H. Liu and H. Motoda(1998), Feature Selection for Knowledge Discovery and Data Mining. Kluwer Academic.
19. J. R. Quinlan,(1986) "Induction of Decision Trees," Machine Learning, vol. 1, pp. 81-106.

Support Vector Machines k-nearest neighbor algorithm Information Gain Ratio feature ranking and selection intrusion detection system