Title :
Prior Knowledge SVM-based Intrusion Detection Framework
Author :
Zhang, Gang ; Yin, Jian ; Liang, Zhaohui ; Cai, YanGuang
Author_Institution :
GuangDong Univ. of Technol., Guangzhou
Abstract :
In anomaly intrusion detection, the normal profile of the target system is built from labeled data sets, but labeling data items is time-consuming and expensive. Human knowledge can be used to compensate for the lack of labeled data. In this paper, we describe a weighted margin SVM (support vector machine) framework that incorporates pre-defined experienced detection rules to build up the normal profile. With a redefinition of data item distance on heterogeneous properties, we use a modified version of LIBSVM to perform model training and detection. We use the KDDCup99 ID data set for detection and define several metrics to explain the effect of the detection algorithm; these show that our detection framework is more accurate and has better generalization ability than the old ones.
Keywords :
security of data; support vector machines; data item distance; intrusion detection; model detection; model training; support vector machine; Automation; Hospitals; Humans; Intrusion detection; Machine learning; Machine learning algorithms; Sun; Support vector machine classification; Support vector machines; Training data; Intrusion Detection; Prior Knowledge; SVM;
Conference_Title :
Natural Computation, 2007. ICNC 2007. Third International Conference on
Conference_Location :
Haikou
Print_ISBN :
978-0-7695-2875-5
DOI :
10.1109/ICNC.2007.573