Title :
Improving one-class SVM for anomaly detection
Author :
Li, Kun-lun ; Huang, Hou-Kuan ; Tian, Sheng-Feng ; Xu, Wei
Author_Institution :
Sch. of Comput. & Inf. Technol., Northern Jiaotong Univ., Beijing, China
Abstract :
With the tremendous growth of the Internet, information system security has become an issue of serious global concern due to the rapid connection and accessibility. Developing effective methods for intrusion detection, therefore, is an urgent task for assuring computer & information system security. Since most attacks and misuses can be recognized through the examination of system audit log files and pattern analysis therein, an approach for intrusion detection can be built on them. First we have made deep analysis on attacks and misuses patterns in log files; and then proposed an approach using support vector machines for anomaly detection. It is a one-class SVM based approach, trained with abstracted user audit logs data from 1999 DARPA.
Keywords :
pattern classification; security of data; support vector machines; system monitoring; DARPA; Internet; SVM; anomaly detection; computer system security; information system security; intrusion detection; pattern analysis; support vector machines; system audit log files; Computer errors; Computer security; Cybernetics; Data security; Information security; Information systems; Intrusion detection; Protection; Support vector machine classification; Support vector machines;
Conference_Titel :
Machine Learning and Cybernetics, 2003 International Conference on
Print_ISBN :
0-7803-8131-9
DOI :
10.1109/ICMLC.2003.1260106
