CFAR intrusion detection method based on support vector machine prediction

A novel constant false alarm rate (CFAR) intrusion detection method based on support vector machine (SVM) is proposed in this paper. By introducing the normal network traffic into an SVM neural network, the forthcoming traffic data can be predicted, therefore enhancing the detectability of network attacks. The CFAR threshold of the proposed detector is also derived in the paper theoretically. Computer simulations based on standard DARPA network intrusion data present that the proposed SVM prediction-based approach is superior to other standard intrusion detection method.

[1]  José Luis Rojo-Álvarez,et al.  Support vector method for robust ARMA system identification , 2004, IEEE Transactions on Signal Processing.

[2]  Jonathan Robinson,et al.  Combining support vector machine learning with the discrete cosine transform in image compression , 2003, IEEE Trans. Neural Networks.

[3]  Aidong Adam Ding,et al.  Neural-network prediction with noisy predictors , 1999, IEEE Trans. Neural Networks.

[4]  Johan A. K. Suykens,et al.  Financial time series prediction using least squares support vector machines within the evidence framework , 2001, IEEE Trans. Neural Networks.

[5]  Aurelio Uncini,et al.  Subband neural networks prediction for on-line audio signal recovery , 2002, IEEE Trans. Neural Networks.

[6]  Yuebin Bai,et al.  Intrusion Detection Systems: technology and development , 2003, 17th International Conference on Advanced Information Networking and Applications, 2003. AINA 2003..

[7]  Lajos Hanzo,et al.  Support vector machine multiuser receiver for DS-CDMA signals in multipath channels , 2001, IEEE Trans. Neural Networks.

[8]  David J. Marchette,et al.  Computer Intrusion Detection and Network Monitoring , 2001, Statistics for Engineering and Information Science.

[9]  Chris Herringshaw,et al.  Detecting Attacks on Networks , 1997, Computer.