CFAR intrusion detection method based on support vector machine prediction

Author

He, Dawei ; Leung, Henry

Author_Institution

Dept. of Electr. & Comput. Eng., Calgary Univ., Alta., Canada

fYear

2004

fDate

14-16 July 2004

Firstpage

10

Lastpage

15

Abstract

A novel constant false alarm rate (CFAR) intrusion detection method based on support vector machine (SVM) is proposed in this paper. By introducing the normal network traffic into an SVM neural network, the forthcoming traffic data can be predicted, therefore enhancing the detectability of network attacks. The CFAR threshold of the proposed detector is also derived in the paper theoretically. Computer simulations based on standard DARPA network intrusion data present that the proposed SVM prediction-based approach is superior to other standard intrusion detection method.

Keywords

computer network management; maximum likelihood estimation; neural nets; support vector machines; telecommunication security; telecommunication traffic; constant false alarm rate; detection probability; intrusion detection method; maximum likelihood estimation; network attacks; network traffic; neural network; support vector machine; Computer simulation; Detectors; Helium; Intrusion detection; Neural networks; Noise measurement; Support vector machines; Telecommunication traffic; Traffic control; Working environment noise;

fLanguage

English

Publisher

ieee

Conference_Titel

Computational Intelligence for Measurement Systems and Applications, 2004. CIMSA. 2004 IEEE International Conference on

Print_ISBN

0-7803-8341-9

Type

conf

DOI

10.1109/CIMSA.2004.1397219

Filename

1397219