Improving one-class SVM for anomaly detection

Author

Li, Kun-lun ; Huang, Hou-Kuan ; Tian, Sheng-Feng ; Xu, Wei

Author_Institution

Sch. of Comput. & Inf. Technol., Northern Jiaotong Univ., Beijing, China

Volume

5

fYear

2003

fDate

2-5 Nov. 2003

Firstpage

3077

Abstract

With the tremendous growth of the Internet, information system security has become an issue of serious global concern due to the rapid connection and accessibility. Developing effective methods for intrusion detection, therefore, is an urgent task for assuring computer & information system security. Since most attacks and misuses can be recognized through the examination of system audit log files and pattern analysis therein, an approach for intrusion detection can be built on them. First we have made deep analysis on attacks and misuses patterns in log files; and then proposed an approach using support vector machines for anomaly detection. It is a one-class SVM based approach, trained with abstracted user audit logs data from 1999 DARPA.

Keywords

pattern classification; security of data; support vector machines; system monitoring; DARPA; Internet; SVM; anomaly detection; computer system security; information system security; intrusion detection; pattern analysis; support vector machines; system audit log files; Computer errors; Computer security; Cybernetics; Data security; Information security; Information systems; Intrusion detection; Protection; Support vector machine classification; Support vector machines;

fLanguage

English

Publisher

ieee

Conference_Titel

Machine Learning and Cybernetics, 2003 International Conference on

Print_ISBN

0-7803-8131-9

Type

conf

DOI

10.1109/ICMLC.2003.1260106

Filename

1260106