Efficient classification of portscan attacks using Support Vector Machine

Author

Vidhya, M.

Author_Institution

Dept. of Comput. Sci. & Eng., Sri Venkateswara Coll. of Eng., Chennai, India

fYear

2013

fDate

14-15 March 2013

Firstpage

1

Lastpage

5

Abstract

Support Vector Machine, a powerful data mining technique is used for the classification of attacks. SVM is implemented using WEKA tool in which the Radial Basis Function proves to be an efficient Kernel for the classification of portscan attacks. KDD´99 dataset consisting of portscan and normal traces termed as mixed traffic is given as input to SVM in two phases, i.e., without feature reduction and with feature reduction using Consistency Subset Evaluation algorithm and Best First search method. In the first phase, the mixed traffic as a whole is given as input to SVM. In the second phase, feature reduction algorithm is applied over the mixed traffic and then fed to SVM. Finally the performance is compared in accordance with classification between the two phases. The performance of the proposed method is measured using false positive rate and computation time.

Keywords

data mining; pattern classification; radial basis function networks; search problems; security of data; support vector machines; KDD 99 dataset; SVM; WEKA tool; best first search method; computation time; consistency subset evaluation algorithm; data mining technique; false positive rate; feature reduction algorithm; mixed traffic; portscan attack classification; radial basis function; support vector machine; Accuracy; Classification algorithms; Feature extraction; Intrusion detection; Ports (Computers); Search methods; Support vector machines; LIBSVM; RBF; SVM; WEKA;

fLanguage

English

Publisher

ieee

Conference_Titel

Green High Performance Computing (ICGHPC), 2013 IEEE International Conference on

Conference_Location

Nagercoil

Print_ISBN

978-1-4673-2592-9

Type

conf

DOI

10.1109/ICGHPC.2013.6533915

Filename

6533915