DocumentCode :
183178
Title :
Evaluating host-based anomaly detection systems: Application of the one-class SVM algorithm to ADFA-LD
Author :
Miao Xie ; Jiankun Hu ; Slay, Jill
Author_Institution :
Sch. of Eng. & Inf. Technol., Univ. of New South Wales at the Australian Defence Force Acad., Canberra, ACT, Australia
fYear :
2014
fDate :
19-21 Aug. 2014
Firstpage :
978
Lastpage :
982
Abstract :
ADFA-LD is a recently released data set for evaluating host-based anomaly detection systems, aiming to substitute the existing benchmark data sets which have failed to reflect the characteristics of modern computer systems. In a previous work, we had attempted to evaluate ADFA-LD with a highly efficient frequency model but the performance is inferior. In this paper, we focus on the other typical technical category that detects anomalies with a short sequence model. In collaboration with the one-class SVM algorithm, a novel anomaly detection system is proposed for ADFA-LD. The numerical experiments demonstrate that it can not only achieve a satisfactory performance, but also reduce the computational cost largely.
Keywords :
Linux; security of data; support vector machines; ADFA Linux data set; ADFA-LD; benchmark data sets; computational cost reduction; computer system characteristics; host-based anomaly detection system evaluation; numerical analysis; one-class SVM algorithm; performance enhancement; short-sequence model; support vector machine; Computational modeling; Hidden Markov models; Intrusion detection; Kernel; Support vector machines; Training; Vectors;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Fuzzy Systems and Knowledge Discovery (FSKD), 2014 11th International Conference on
Conference_Location :
Xiamen
Print_ISBN :
978-1-4799-5147-5
Type :
conf
DOI :
10.1109/FSKD.2014.6980972
Filename :
6980972