Kernel methods to detect intruders

This paper aims mainly to improve the data analysis methods already used to detect introduers in [1]. To do that, we introduce two anomaly intrusion detection methods based on Kernel Fisher Discriminant Analysis (KFDA) and Kernel Principal Component Analysis (KPCA). This approach searches for those vectors in the underlying space that best discriminate among users´ profile classes. The discrimination rules are based on nonlinear combinations of the observed users´ profiles, called discriminant factors. This new approach provides for the ability to learn and later determine whether a new profile does or does not correspond to those of known users. Unlike many researchers we used realistic data to learn the behaviors of four students´ classes. After that we apply KFDA and KPCA to get an appropriate discrimination between the student classes. Thus, one can easily determine if a new student is legitimate or not by projecting its profile onto the profile subspace. Simulations show that our approaches outperform those used in [1].