Title :
Multiple kernel learning method for network anomaly detection
Author :
Song, Guanghui ; Jin, Xiaogang ; Chen, Genlang ; Nie, Yan
Author_Institution :
Coll. of Comput. Sci., Zhejiang Univ., Hangzhou, China
Abstract :
The source data of intrusion detection system (IDS) are characteristic of heavy-flow, high-dimension and nonlinearity. A frequent problem in IDS is the choice of the right features that give rise to compact and concise representations of the network data; the other is how to improve the detection efficiency and accuracy of IDS under the small sample conditions. In order to delete the redundant and noisy features, improve the performance of IDS, we present an efficient IDS based on multiple kernel learning (MKL) method. Kernel methods are the effective approaches to intrusion detection problems. MKL methods combined with support vector machines (SVMs) can overcome some practice difficulties of IDS such as irregular data, non-flat distribution of the samples, etc. Experiments on the KDD Cup (1999) intrusion detection data set show that MKL methods have a higher detection rate and a lower false alarm rate compared to single kernel methods.
Keywords :
learning (artificial intelligence); security of data; support vector machines; SVM; data representation; intrusion detection system; kernel learning method; network anomaly detection; support vector machines; Accuracy; Feature extraction; Intrusion detection; Kernel; Machine learning; Optimization; Support vector machines; Intrusion Detection System; feature selection; kernel method; multiple kernel learning; support vector machine;
Conference_Titel :
Intelligent Systems and Knowledge Engineering (ISKE), 2010 International Conference on
Conference_Location :
Hangzhou
Print_ISBN :
978-1-4244-6791-4
DOI :
10.1109/ISKE.2010.5680860
