A machine learning framework for network anomaly detection using SVM and GA

Cited by: 0
Authors
Shon, T [1]
Kim, Y [1]
Lee, C [1]
Moon, A [1]
Affiliations
[1] Korea Univ, Ctr Informat Secur Technol, Seoul, South Korea
Source
PROCEEDINGS FROM THE SIXTH ANNUAL IEEE SYSTEMS, MAN AND CYBERNETICS INFORMATION ASSURANCE WORKSHOP | 2005
Keywords
intrusion detection; network security; anomaly detection; machine learning;
DOI
Not available
Chinese Library Classification number
TP18 [Artificial intelligence theory];
Subject classification codes
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
In today's world of computer security, internet attacks such as DoS/DDoS, worms, and spyware continue to evolve as detection techniques improve. It is not easy, however, to distinguish such new attacks using only knowledge of pre-existing attacks. In this paper we concentrate on machine learning techniques for detecting attacks from internet anomalies. Our machine learning framework consists of two major components: Genetic Algorithm (GA) for feature selection and Support Vector Machine (SVM) for packet classification. By experiment we also demonstrate that our proposed framework outperforms currently employed real-world NIDS.
Pages: 176-183
Number of pages: 8