Network-Based Intrusion Detection with Support Vector Machines

  • Conference paper
Information Networking (ICOIN 2003)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 2662)

Abstract

This paper proposes a method of applying Support Vector Machines to a network-based Intrusion Detection System (SVM IDS). The support vector machine (SVM) is a learning technique that has been successfully applied in many application areas. Intrusion detection can be considered a two-class or a multi-class classification problem. We used the dataset from the 1999 KDD intrusion detection contest. SVM IDS was trained with the training set and tested with the test sets to evaluate its performance against novel attacks. We also evaluate the importance of each feature to improve the overall performance of the IDS. The results of the experiments demonstrate that applying SVM in an Intrusion Detection System can be an effective and efficient way of detecting intrusions.

Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kim, D.S., Park, J.S. (2003). Network-Based Intrusion Detection with Support Vector Machines. In: Kahng, HK. (eds) Information Networking. ICOIN 2003. Lecture Notes in Computer Science, vol 2662. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45235-5_73

  • DOI: https://doi.org/10.1007/978-3-540-45235-5_73

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-40827-7

  • Online ISBN: 978-3-540-45235-5

  • eBook Packages: Springer Book Archive
