DocumentCode :
3086681
Title :
Towards modeling and detection of polymorphic network attacks using grammar based learning with Support Vector Machines
Author :
Evans, Scott C. ; Yan, Weizhong ; Scholz, Bernhard J. ; Barnett, Bruce ; Markham, T. Stephen ; Impson, Jeremy ; Steinbrecher, Eric
Author_Institution :
Gen. Electr. Global Res., Niskayuna, NY, USA
fYear :
2009
fDate :
18-21 Oct. 2009
Firstpage :
1
Lastpage :
7
Abstract :
Polymorphic attacks threaten to make many intrusion detection schemes ineffective. In order to address the threat of advanced attacks, model based techniques are required. In this paper we improve our Grammar Based Modeling techniques to be more resilient to attacks that change in form by using advanced classification techniques. Similarity distances from known models are input as features to Support Vector Machines and other advanced classification techniques to provide improved classification performance. Results indicate promise for intrusion detection and response against polymorphic attacks with minimal false alarms.
Keywords :
learning (artificial intelligence); security of data; support vector machines; grammar based learning; intrusion detection schemes; polymorphic network attack detection; polymorphic network attack modeling; similarity distances; support vector machines; Data analysis; Data structures; Intrusion detection; Machine learning; Support vector machine classification; Support vector machines; Testing; Training data; Warranties;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Military Communications Conference, 2009. MILCOM 2009. IEEE
Conference_Location :
Boston, MA
Print_ISBN :
978-1-4244-5238-5
Electronic_ISBN :
978-1-4244-5239-2
Type :
conf
DOI :
10.1109/MILCOM.2009.5380008
Filename :
5380008