Title :
A machine learning framework for network anomaly detection using SVM and GA
Author :
Shon, Taeshik ; Kim, Yongdue ; Lee, Cheolwon ; Moon, Jongsub
Author_Institution :
Center for Inf. Security Technol., Korea Univ., Seoul, South Korea
Abstract :
In today´s world of computer security, Internet attacks such as Dos/DDos, worms, and spyware continue to evolve as detection techniques improve. It is not easy, however, to distinguish such new attacks using only knowledge of pre-existing attacks. In this paper the authors focused on machine learning techniques for detecting attacks from Internet anomalies. The machine learning framework consists of two major components: genetic algorithm (GA) for feature selection and support vector machine (SVM) for packet classification. By experiment it is also demonstrated that the proposed framework outperforms currently employed real-world NIDS.
Keywords :
genetic algorithms; invasive software; learning (artificial intelligence); support vector machines; DDos attack; Dos attack; Internet anomalies; Internet attacks; SVM; computer security; feature selection; genetic algorithm; intrusion detection; machine learning; network anomaly detection; network security; packet classification; spyware; support vector machine; worms; Computer security; Computer worms; Data mining; Humans; Information security; Internet; Intrusion detection; Machine learning; Robustness; Support vector machines;
Conference_Titel :
Information Assurance Workshop, 2005. IAW '05. Proceedings from the Sixth Annual IEEE SMC
Print_ISBN :
0-7803-9290-6
DOI :
10.1109/IAW.2005.1495950
