Multiclass Support Vector Machines Theory and Its Data Fusion Application in Network Security Situation Awareness

Author

Xiaowu Liu ; Huiqiang Wang ; Jibo Lai ; Ying Liang ; Chunmei Yang

Author_Institution

Coll. of Comput. Sci. & Technol., Harbin Eng. Univ., Harbin

fYear

2007

fDate

21-25 Sept. 2007

Firstpage

6349

Lastpage

6352

Abstract

Network security situation awareness (NSSA) is an emerging technique in the field of network security and helps administrators to monitor the actual security situation of their networks. This paper mainly focuses on NSSA based on heterogeneous multisensor data fusion. We presented a model which adopted Snort and NetFlow as sensors to gather data from real network traffic. We employed Support Vector Machines as the fusion engine of our model and used efficient feature reduction approach to fuse the gathered data from heterogeneous sensors. Furthermore, we discussed the alert aggregation and security awareness generation techniques detailedly. Our model is proved to be feasible and effective through a series of experiments.

Keywords

computer networks; sensor fusion; support vector machines; telecommunication computing; telecommunication security; telecommunication traffic; Snort/NetFlow sensor; heterogeneous multisensor data fusion application; multiclass support vector machines theory; network security situation awareness; real network traffic; Application software; Computer science; Computer security; Data acquisition; Data security; Intelligent sensors; Sensor fusion; Support vector machines; Telecommunication traffic; Traffic control;

fLanguage

English

Publisher

ieee

Conference_Titel

Wireless Communications, Networking and Mobile Computing, 2007. WiCom 2007. International Conference on

Conference_Location

Shanghai

Print_ISBN

978-1-4244-1311-9

Type

conf

DOI

10.1109/WICOM.2007.1557

Filename

4341332