Support Vector Machines for Anomaly Detection

Author

Zhang, Xueqin ; Gu, Chunhua ; Lin, Jiajun

Author_Institution

Coll. of Inf. Sci. & Eng., East China Univ. of Sci. & Technol., Shanghai

Volume

1

fYear

0

fDate

0-0 0

Firstpage

2594

Lastpage

2598

Abstract

The support vector machines are a widely used tool for classification. In this paper, firstly the method of selected features of Windows registry access recorder to construct detection data set was discussed and two kinds of feature representation methods adapted to SVM algorithm were described. Secondly, the algorithms of standard SVM that are used to classification was presented. At last, we implemented the standard SVM algorithm, weighted SVM and one class SVM to build models for different kind of data set. Experiment results on test data are given to illustrate the performance of these models. It is found that the C-SVM has high detection precision to predict the known examples and can also detect some unknown examples. Weighted SVM can effectively solve the misclassification problem resulted from the unbalance data set, one class SVM is an effective way to deal with unsupervised data

Keywords

operating systems (computers); security of data; support vector machines; C-SVM; SVM algorithm; Windows registry access recorder; anomaly detection; detection data set; feature representation; intrusion detection; support vector machines; Arithmetic; Artificial intelligence; Data mining; Educational institutions; Information science; Intrusion detection; Monitoring; Support vector machine classification; Support vector machines; Testing; Windows Registry; feature representation; intrusion detection; support vector machines;

fLanguage

English

Publisher

ieee

Conference_Titel

Intelligent Control and Automation, 2006. WCICA 2006. The Sixth World Congress on

Conference_Location

Dalian

Print_ISBN

1-4244-0332-4

Type

conf

DOI

10.1109/WCICA.2006.1712831

Filename

1712831