An intrusion detection method based on SVM and KPCA

Traditional intrusion detection systems (IDS) generally use a rule-based misuse detection model because it has a low false alarm rate. The disadvantage of this model is that it cannot detect new attacks, or even variations of existing ones. In this paper we propose a novel model based on KPCA and SVM to solve this problem. Unlike a traditional IDS, our model adds a pre-processing module in front of the classifier. KPCA, the main part of the pre-processing module, extracts principal components from the input data, and these components are the input to the SVM classifier that differentiates normal from abnormal actions. Applied to the KDDCUP99 data, the proposed system shows experimentally that this model has a remarkable performance in detecting both existing intrusions and mutated ones.
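The pipeline described in the abstract (KPCA pre-processing feeding an SVM classifier), as an added sketch that is not the paper's code. It assumes scikit-learn and NumPy; the feature vectors are constructed stand-ins rather than KDDCUP99 records, and the kernel choices, `gamma`, component count and cluster centres are assumptions.

```python
import numpy as np
from sklearn.decomposition import KernelPCA
from sklearn.pipeline import make_pipeline
from sklearn.preprocessing import StandardScaler
from sklearn.svm import SVC

def make_records(rng, center, n):
    """Constructed numeric connection features (4 per record), not real KDDCUP99 rows."""
    return rng.normal(loc=center, scale=1.0, size=(n, 4))

def build_detector():
    # Pre-process module: scale, then project onto kernel principal components.
    # Classifier: SVM over those components. Hyperparameters are assumptions.
    return make_pipeline(
        StandardScaler(),
        KernelPCA(n_components=3, kernel="rbf", gamma=0.2),
        SVC(kernel="linear", C=1.0),
    )

def run_demo(seed=0):
    rng = np.random.default_rng(seed)
    normal_c = [0, 0, 0, 0]    # constructed "normal" profile
    attack_c = [4, 4, 4, 0]    # constructed known attack profile
    mutated_c = [5, 3, 4, 1]   # constructed variant, never seen in training

    X_train = np.vstack([make_records(rng, normal_c, 300),
                         make_records(rng, attack_c, 300)])
    y_train = np.array([0] * 300 + [1] * 300)   # 0 = normal, 1 = intrusion
    detector = build_detector().fit(X_train, y_train)

    # Held-out records: fresh normal traffic, the known attack, and the variant.
    normal_pred = detector.predict(make_records(rng, normal_c, 200))
    known_pred = detector.predict(make_records(rng, attack_c, 200))
    mutated_pred = detector.predict(make_records(rng, mutated_c, 200))
    return {
        "false_alarm_rate": float(np.mean(normal_pred == 1)),
        "known_detection_rate": float(np.mean(known_pred == 1)),
        "mutated_detection_rate": float(np.mean(mutated_pred == 1)),
    }

if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value:.3f}")
```

Unlike a rule that matches one exact signature, the classifier here scores the variant by where it falls in the learned component space, which is the property the abstract claims for mutated intrusions.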
