Capture the drifting of normal behavior traces for adaptive intrusion detection using modified SVMS

Zong Hua Zhang, Hong Shen

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

To capture the drifting of normal behavior traces for suppressing false alarms of intrusion detection, an adaptive intrusion detection system AID with incremental learning ability is proposed in this paper. A generic framework, including several important components, is discussed in details. One-class support vector machine is modified as the kernel algorithm of AID, and the performance is evaluated using reformulated 1998 DARPA BSM data set. The experiment results indicate that the modified SVMs can be trained in a incremental way, and the performance outperform that of the original ones with fewer support vectors(SVs) and less training time without decreasing detection accuracy. Both of these achievements benefit an adaptive intrusion detection system significantly.

Original languageEnglish
Title of host publicationProceedings of 2004 International Conference on Machine Learning and Cybernetics
Pages3046-3051
Number of pages6
Publication statusPublished - 2004
Externally publishedYes
EventProceedings of 2004 International Conference on Machine Learning and Cybernetics - Shanghai, China
Duration: 26 Aug 200429 Aug 2004

Publication series

NameProceedings of 2004 International Conference on Machine Learning and Cybernetics
Volume5

Conference

ConferenceProceedings of 2004 International Conference on Machine Learning and Cybernetics
Country/TerritoryChina
CityShanghai
Period26/08/0429/08/04

Fingerprint

Dive into the research topics of 'Capture the drifting of normal behavior traces for adaptive intrusion detection using modified SVMS'. Together they form a unique fingerprint.

Cite this