Abstract
This paper proposes a method of applying Support Vector Machines to a network-based Intrusion Detection System (SVM IDS). The support vector machine (SVM) is a learning technique which has been successfully applied in many application areas. Intrusion detection can be considered as a two-class classification problem or a multi-class classification problem. We used the dataset from the 1999 KDD intrusion detection contest. SVM IDS was trained with the training set and tested with test sets to evaluate the performance of SVM IDS against novel attacks. We also evaluate the importance of each feature to improve the overall performance of the IDS. The results of the experiments demonstrate that applying SVM in an Intrusion Detection System can be an effective and efficient way of detecting intrusions.
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kim, D.S., Park, J.S. (2003). Network-Based Intrusion Detection with Support Vector Machines. In: Kahng, HK. (eds) Information Networking. ICOIN 2003. Lecture Notes in Computer Science, vol 2662. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45235-5_73
DOI: https://doi.org/10.1007/978-3-540-45235-5_73
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40827-7
Online ISBN: 978-3-540-45235-5
eBook Packages: Springer Book Archive