Abstract
Intrusion detection involves the continuous processes of identifying the attack as correctly and quickly as possible, and is a crucial issue in network security. Many classification and outlier analysis methods have been proposed to deal with the misuse and anomaly detection problems of intrusion detection, respectively. In addition, some hybrid approaches for developing intrusion detection systems (IDS) are also proposed recently, because of distinguished advantages of different approaches. In this paper, we integrate the advantages of rough sets and support vector machines (SVM) to develop a novel approach for an IDS. In addition, the proposed approach is suitable for both misuse and anomaly detections. We use the data-set of KDD Cup 1999 to demonstrate the proposed approach and compare the result with others. On the basis of the results, we can conclude that the proposed method outperforms than others with respect to accuracy.