Title :
Support Vector Machines for Anomaly Detection
Author :
Zhang, Xueqin ; Gu, Chunhua ; Lin, Jiajun
Author_Institution :
Coll. of Inf. Sci. & Eng., East China Univ. of Sci. & Technol., Shanghai
Abstract :
The support vector machines are a widely used tool for classification. In this paper, firstly the method of selected features of Windows registry access recorder to construct detection data set was discussed and two kinds of feature representation methods adapted to SVM algorithm were described. Secondly, the algorithms of standard SVM that are used to classification was presented. At last, we implemented the standard SVM algorithm, weighted SVM and one class SVM to build models for different kind of data set. Experiment results on test data are given to illustrate the performance of these models. It is found that the C-SVM has high detection precision to predict the known examples and can also detect some unknown examples. Weighted SVM can effectively solve the misclassification problem resulted from the unbalance data set, one class SVM is an effective way to deal with unsupervised data
Keywords :
operating systems (computers); security of data; support vector machines; C-SVM; SVM algorithm; Windows registry access recorder; anomaly detection; detection data set; feature representation; intrusion detection; support vector machines; Arithmetic; Artificial intelligence; Data mining; Educational institutions; Information science; Intrusion detection; Monitoring; Support vector machine classification; Support vector machines; Testing; Windows Registry; feature representation; intrusion detection; support vector machines;
Conference_Titel :
Intelligent Control and Automation, 2006. WCICA 2006. The Sixth World Congress on
Conference_Location :
Dalian
Print_ISBN :
1-4244-0332-4
DOI :
10.1109/WCICA.2006.1712831
