论文信息 - A cooperative intrusion detection system based on improved parallel SVM

A cooperative intrusion detection system based on improved parallel SVM

It is important that the training time of the Support Vector Machine (SVM) is shortened and storage space requirement is reduced for high-speed and large-scale network. An intrusion detection method based on parallel SVM is proposed and a detection model system is constructed in this paper. First, original training dataset gained from network is divided into three subsets according to the network protocol (TCP, UDP and ICMP). Second, every subset is parted into multi-subsets and sent to parallel SVMs. Then we get multiple results from SVM trainers. The incremental learning algorithm of SVM is used to train new data sets instead of reconstructing SVM for whole data. This method improves the training efficiency by reducing the size of training subsets. At last, simulation experiments are done with KDD CUP 1999 data set. The experiment results show that the training time of SVM is shortened and the detection accuracy obtained by our method is exactly same as that obtained by others.

[1] Vladimir Cherkassky,et al. The Nature Of Statistical Learning Theory , 1997, IEEE Trans. Neural Networks.

[2] Jian Wang,et al. Large-Scale Network Intrusion Detection Algorithm Based on Distributed Learning: Large-Scale Network Intrusion Detection Algorithm Based on Distributed Learning , 2010 .

[3] Chih-Jen Lin,et al. LIBSVM: A library for support vector machines , 2011, TIST.

[4] Mark Weiser. The computer for the 21st century , 1991 .

[5] Zhou Wei. An Analysis of SVMs Generalization Performance , 2001 .

[6] James H. Aylor,et al. Computer for the 21st Century , 1999, Computer.

[7] Vladimir N. Vapnik,et al. The Nature of Statistical Learning Theory , 2000, Statistics for Engineering and Information Science.

[8] Timothy Sherwood,et al. A high throughput string matching architecture for intrusion detection and prevention , 2005, 32nd International Symposium on Computer Architecture (ISCA'05).