微信服务号

微信订阅号

2025-6-4- 1
Home > Archive>Volume 14, Issue 4, 2003 >798-803
PDF HTML XML Export Cite reminder
An Intrusion Detection System Based on Support Vector Machine
Author:
Affiliation:

  • Article
    • | |
  • Metrics
    • |
  • Reference [6]
    • |
  • Related
    • |
  • Cited by [78]
    • | |
  • Comments
    Abstract:

    The generalizing ability of current IDS (intrusion detection system) is poor when given less priori knowledge. Utilizing SVM (support vector machines) in Intrusion Detection, the generalizing ability of IDS is still good when the sample size is small (less priori knowledge). First, the research progress of intrusion detection is recalled and algorithm of support vector machine taxonomy is introduced. Then the model of an Intrusion Detection System based on support vector machine is presented. An example using system call trace data, which is usually used in intrusion detection, is given to illustrate the performance of this model. Finally, comparison of detection ability between the above detection method and others is given. It is found that the IDS based on SVM needs less priori knowledge than other methods and can shorten the training time under the same detection performance condition.

    Reference
    [1]Forrest S, Perrelason AS, Allen L, Cherukur R. Self_Nonself discrimination in a computer. In: Rushby J, Meadows C, eds. Proceedings of the 1994 IEEE Symposium on Research in Security and Privacy. Oakland, CA: IEEE Computer Society Press, 1994. 202~212.
    [2]Ghosh AK, Michael C, Schatz M. A real-time intrusion detection system based on learning program behavior. In: Debar H, Wu SF, eds. Recent Advances in Intrusion Detection (RAID 2000). Toulouse: Spinger-Verlag, 2000. 93~109.
    [3]Lee W, Stolfo SJ. A data mining framework for building intrusion detection model. In: Gong L, Reiter MK, eds. Proceedings of the 1999 IEEE Symposium on Security and Privacy. Oakland, CA: IEEE Computer Society Press, 1999. 120~132.
    [4]Vapnik VN. The Nature of Statistical Learning Theory. New York: Spring-Verlag, 1995.
    [5]Lee W, Dong X. Information-Theoretic measures for anomaly detection. In: Needham R, Abadi M, eds. Proceedings of the 2001 IEEE Symposium on Security and Privacy. Oakland, CA: IEEE Computer Society Press, 2001. 130~143.
    [6]Warrender C, Forresr S, Pearlmutter B. Detecting intrusions using system calls: Alternative data models. In: Gong L, Reiter MK, eds. Proceedings of the 1999 IEEE Symposium on Security and Privacy. Oakland, CA: IEEE Computer Society Press, 1999. 133~145.
    Related
    Comments
    Comments
    分享到微博
    Submit
Get Citation

饶鲜,董春曦,杨绍全.基于支持向量机的入侵检测系统.软件学报,2003,14(4):798-803

Copy
Share
Article Metrics
  • Abstract:
  • PDF:
  • HTML:
  • Cited by:
History
  • Received:December 10,2001
  • Revised:August 02,2002
Links:Institute of Software, CASChina Computer FederationCASNSFC
You are the first2050519Visitors
Copyright: Institute of Software, Chinese Academy of Sciences Beijing ICP No. 05046678-4
Address:4# South Fourth Street, Zhong Guan Cun, Beijing 100190,Postal Code:100190
Phone:010-62562563 Fax:010-62562533 Email:jos@iscas.ac.cn
Technical Support:Beijing Qinyun Technology Development Co., Ltd.

Beijing Public Network Security No. 11040202500063