Title :
Capture the drifting of normal behavior traces for adaptive intrusion detection using modified SVMs
Author :
Zhang, Zong-Hua ; Shen, Hong
Author_Institution :
Graduate Sch. of Inf. Sci., Japan Adv. Inst. of Sci. & Technol., Ishikawa, Japan
Abstract :
To capture the drifting of normal behavior traces for suppressing false alarms of intrusion detection, an adaptive intrusion detection system, AID, with incremental learning ability is proposed in this paper. A generic framework, including several important components, is discussed in detail. A one-class support vector machine is modified as the kernel algorithm of AID, and the performance is evaluated using the reformulated 1998 DARPA BSM data set. The experimental results indicate that the modified SVMs can be trained in an incremental way, and that they outperform the original ones, with fewer support vectors (SVs) and less training time, without decreasing detection accuracy. Both of these achievements benefit an adaptive intrusion detection system significantly.
Keywords :
adaptive systems; learning (artificial intelligence); security of data; support vector machines; DARPA BSM data set; adaptive intrusion detection system; false alarm suppression; incremental learning; kernel algorithm; modified SVM; support vector machine; Adaptive systems; Authentication; Authorization; Cryptography; Detectors; Information science; Intrusion detection; Kernel; Machine learning; Support vector machines;
Conference_Title :
Machine Learning and Cybernetics, 2004. Proceedings of 2004 International Conference on
Print_ISBN :
0-7803-8403-2
DOI :
10.1109/ICMLC.2004.1378555