Deep Packet Inspection Model Based on Support Vector Machine for Anomaly Detection in Local Area Networks

Authors

  • Margaret Moronke DOSUNMU Olabisi Onabanjo University Ago-Iwoye, Nigeria
  • Femi Emmanuel Ayo Olabisi Onabanjo University, Ago-Iwoye, Ogun State
  • Lukman Adebayo OGUNDELE Olabisi Onabanjo University
  • Abass Ishola TAIWO Olabisi Onabanjo University
  • Timothy Olabisi OLATAYO Olabisi Onabanjo University

DOI:

https://doi.org/10.25195/ijci.v50i2.501

Keywords:

Deep packet inspection, Anomaly detection, Local area network, Support vector machine, SelectKBest

Abstract

Deep packet inspection is a network security solution that identifies and flags anomalous network traffic patterns in a local network environment. Traditional signature-based techniques for intrusion detection are limited in identifying different attacks or completely new kinds, which makes them unsuitable in some situations. In addition, most previous methods for anomaly detection have low detection rate and high false alarm. In this study, a deep packet inspection model based on support vector machine (SVM) for anomaly detection in local area networks was proposed. The proposed method combined the SelectKBest method and SVM for the categorization of anomaly in a local network environment. Results showed that the proposed method outperformed other related machine learning methods with accuracy, precision, recall, and F1-score of 94.81%, 94.03%, 94.13%, and 94.0799%, respectively. The accuracy result shows that most network traffic can be correctly identified by the SVM using the SelectKBest approach, with minimal false positives or negatives.

Downloads

Download data is not yet available.

Author Biographies

Margaret Moronke DOSUNMU, Olabisi Onabanjo University Ago-Iwoye, Nigeria

Department of Educational Management and Business Studie

Femi Emmanuel Ayo, Olabisi Onabanjo University, Ago-Iwoye, Ogun State

Deep packet inspection is a network security solution that identifies and flags anomalous network traffic patterns in a local network environment. Traditional signature-based techniques for intrusion detection are limited in identifying different attacks or completely new kinds, which makes them unsuitable in some situations. In addition, most previous methods for anomaly detection have low detection rate and high false alarm. In this study, a deep packet inspection model based on support vector machine (SVM) for anomaly detection in local area networks was proposed. The proposed method combined the SelectKBest method and SVM for the categorization of anomaly in a local network environment. Results showed that the proposed method outperformed other related machine learning methods with accuracy, precision, recall, and F1-score of 94.81%, 94.03%, 94.13%, and 94.0799%, respectively. The accuracy result shows that most network traffic can be correctly identified by the SVM using the SelectKBest approach, with minimal false positives or negatives.

Lukman Adebayo OGUNDELE, Olabisi Onabanjo University

Department of Mathematical Sciences

Abass Ishola TAIWO, Olabisi Onabanjo University

Department of Mathematical Sciences

Timothy Olabisi OLATAYO, Olabisi Onabanjo University

Department of Mathematical Sciences

Downloads

Published

2024-09-29