
Less is More: Data Processing with SVM for Intrusion Detection

Abstract: To improve the detection rate and lower the false positive rate of intrusion detection systems, dimensionality reduction is widely used. For this purpose, a data processing (DP) strategy with a support vector machine (SVM) was built. Unlike traditional approaches, which identify the redundant data before purging the audit data by expert knowledge or use different subsets of the available 41 connection attributes to build a classifier, the proposed strategy first removes the attributes whose correlation with another attribute exceeds a threshold, and then classifies two sequence samples as one class while removing either of the two samples whose similarity exceeds a threshold. The results of performance experiments showed that the strategy of DP and SVM is superior to the other existing data reduction strategies (e.g., audit reduction, rule extraction, and feature selection), and that the detection model based on DP and SVM outperforms those based on data mining, soft computing, and hierarchical principal component analysis neural networks.
Source: Journal of Southwest Jiaotong University (English Edition), 2009, No. 1, pp. 9-15 (7 pages)
Funding: The National Natural Science Foundation of China (No. 60672049)
Keywords: Support vector machine; Data processing; Attribute selection; Similarity
