
SVM-based Network Intrusion Detection Model

Journal of Nanjing University of Science and Technology (Natural Science Edition) [ISSN:1005-9830/CN:32-1397/N]

Issue:
2007, Issue 04
Page:
403-408
Research Field:
Publishing date:
2007-08-30

Info

Title:
SVM-based Network Intrusion Detection Model
Author(s):
ZHANG Kun 1,2; CAO Hong-xin 1; LIU Feng-yu 1; LI Qian-mu 1
1. School of Computer Science and Technology, NUST, Nanjing 210094, China; 2. Computer Department, Nanjing University, Nanjing 210093, China
Keywords:
intrusion detection system; network intrusion detection; support vector machine; weighted feature
PACS:
TP393.08
DOI:
-
Abstract:
In view of the problems of using traditional machine learning methods to detect network intrusions, this paper proposes a network intrusion detection model based on the support vector machine (SVM). Experimental results demonstrate that the proposed model has higher detection accuracy for intrusions and avoids the limitations of detection methods based on traditional machine learning. In training, considering the effect of different network data features on the intrusion detection results, a new weighted feature classification method is also brought forward, which improves the accuracy of network intrusion detection.

Memo

Memo:
-
Last Update: 2007-08-30