西南交通大学学报(英文版)2009,Vol.17Issue(1):9-15,7.
Less is More: Data Processing with SVM for Intrusion Detection
Less is More: Data Processing with SVM for Intrusion Detection
摘要
Abstract
To improve the detection rate and lower down the false positive rate in intrusion detection system,dimensionality reduction is widely used in the intrusion detection system.For this purpose,a data processing (DP) with support vector machine (SVM) was built.Different from traditionally identifying the redundant data before purging the audit data by expert knowledge or utilizing different kinds of subsets of the available 41-connection attributes to build a classifier,the proposed strategy first removes the attributes whose correlation with another attribute exceeds a threshold,and then classifies two sequence samples as one class while removing either of the two samples whose similarity exceeds a threshold.The results of performance experiments showed that the strategy of DP and SVM is superior to the other existing data reduction strategies (e.g.,audit reduction,rule extraction,and feature selection),and that the detection model based on DP and SVM outperforms those based on data mining,soft computing,and hierarchical principal component analysis neural networks.关键词
Support vector machine/Data processing/Attribute selection/SimilarityKey words
Support vector machine/Data processing/Attribute selection/Similarity分类
交通工程引用本文复制引用
XIAO Hai-jun,HONG Fan,WANG Ling..Less is More: Data Processing with SVM for Intrusion Detection[J].西南交通大学学报(英文版),2009,17(1):9-15,7.基金项目
The National Natural Science Foundation of China (No.60672049) (No.60672049)
