Application of Weighted Support Vector Machines to Network Intrusion Detection
نویسندگان
چکیده
Support Vector Machines(SVMs) have succeeded in many classification fields. Some researchers have tried to apply SVMs to Intrusion Detection recently and got desirable results. By analyzing C-SVM theoretically and experimentally, we found that C-SVM had some properties which showed C-SVM was not most suitable for Network Intrusion Detection. First, C-SVM has different classification error rates on different classes if the sizes of training classes are uneven. Second, C-SVM is over-dependent on every training sample, even if the samples are duplicated. Third, C-SVM does not make a difference between training samples. According to these characteristics of C-SVM and the fact that the size of network normal data is always much larger than that of intrusion data and the fact that the importance of attack data is different from each other, an extended C-SVM, termed weighted C-SVM is proposed in this paper. Weighed C-SVM introduces two parameters, class weights and sample weights. Class weights are used to adjust false negative rate and false positive rate of each intrusion class. And sample weights are used to emphasize importance of some intrusion samples. Experiments showed that Weighted C-SVM was more effective than C-SVM in network intrusion detection systems.
منابع مشابه
Anomaly Detection Using SVM as Classifier and Decision Tree for Optimizing Feature Vectors
Abstract- With the advancement and development of computer network technologies, the way for intruders has become smoother; therefore, to detect threats and attacks, the importance of intrusion detection systems (IDS) as one of the key elements of security is increasing. One of the challenges of intrusion detection systems is managing of the large amount of network traffic features. Removing un...
متن کاملIntrusion Detection: Support Vector Machines and Neural Networks
This paper concerns intrusion detection and audit trail reduction. We describe approaches to intrusion detection and audit data reduction using support vector machines and neural networks. Using a set of benchmark data from the KDD (Knowledge Discovery and Data Mining) competition designed by DARPA, we demonstrate that efficient and highly accurate classifiers can be built using either support ...
متن کاملIntrusion Detection Systems Using Decision Trees and Support Vector Machines
Security of computers and the networks that connect them is increasingly becoming of great significance. Intrusion detection is a mechanism of providing security to computer networks. Although there are some existing mechanisms for Intrusion detection, there is need to improve the performance. Data mining techniques are a new approach for Intrusion detection. In this paper we investigate and ev...
متن کاملIntrusion Detection Using a Hybrid Support Vector Machine Based on Entropy and Tf-idf
The main functions of an Intrusion Detection System (IDS) are to protect computer networks by analyzing and predicting the actions of processes. Though IDS has been developed for many years, the large number of alerts makes the system inefficient. In this paper, we proposed a classification method based on Support Vector Machines (SVM) with a weighted voting schema to detect intrusions. First, ...
متن کاملAn Enhanced Support Vector Machine Model for Intrusion Detection
Design and implementation of intrusion detection systems remain an important research issue in order to maintain proper network security. Support Vector Machines (SVM) as a classical pattern recognition tool have been widely used for intrusion detection. However, conventional SVM methods do not concern different characteristics of features in building an intrusion detection system. We propose a...
متن کامل