DocumentCode :
3781563
Title :
Adaptive SVDD-based learning for false alarm reduction in intrusion detection
Author :
Tayeb Kenaza;Abdenour Labed;Yacine Boulahia;Mohcen Sebehi
Author_Institution :
Ecole Militaire Polytechnique, BP-17, Bordj El-Bahri, 16111, Alger, Algerie
Volume :
4
fYear :
2015
fDate :
7/1/2015 12:00:00 AM
Firstpage :
405
Lastpage :
412
Abstract :
During the last decade, the support vector data description (SVDD) has been used by researchers to develop anomaly-based intrusion detection systems (IDS), with the ultimate objective of designing new, efficient IDS that achieve higher detection rates together with lower rates of false alerts. However, most of these systems are generally evaluated during a short period without considering the dynamic aspect of the monitored environment. They are never tested for their long-term behavior, namely after a long period of deployment. In this paper, we propose an adaptive SVDD-based learning approach that aims at continuously enhancing the performance of the SVDD classifier by refining the training dataset. This approach consists of having an expert periodically evaluate the classifier; the feedback, in terms of false positives and confirmed attacks, is used to update the training dataset. Experiments using both a refined training dataset and a compromised dataset (a dataset with mislabeling) have shown promising results.
Keywords :
"Training","Intrusion detection","Support vector machines","Computer crime","Benchmark testing","Monitoring"
Publisher :
ieee
Conference_Titel :
e-Business and Telecommunications (ICETE), 2015 12th International Joint Conference on
Type :
conf
Filename :
7518064