An attack classification mechanism based on Multiple Support Vector Machines

Cited by: 0
Authors
Seo, Jungtaek [1]
Affiliations
[1] Natl Secur Res Inst, Taejon 305811, South Korea
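Source
COMPUTATIONAL SCIENCE AND ITS APPLICATIONS - ICCSA 2007, PT 2, PROCEEDINGS | 2007 / Vol. 4706
Keywords
internet security; attack classification; intrusion detection
DOI
Not available
Chinese Library Classification number
TP [Automation technology, computer technology]
Discipline classification code
0812
Abstract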
DDoS attack methods are becoming more sophisticated and effective. An attacker combines various attack methods, and as a result, attacks become more difficult to detect. To cope with these problems, there has been much research on defense mechanisms, including various DDoS detection mechanisms. SVM is suitable for attack detection since it is a binary classification method. However, it is not appropriate for classifying attack categories such as SYN Flooding attack, Smurf attack, UDP Flooding, and so on. Because of this weakness, the administrator does not react to the attack in a timely manner. To solve this problem, we propose a machine learning model based on Multiple Support Vector Machines (MSVMs), and a new DDoS detection model based on MSVMs. The proposed model enhanced attack detection accuracy, and it classifies attack categories well when it detects the attacks.
Pages: 94-103
Number of pages: 10