Chinese Journal of Network and Information Security ›› 2016, Vol. 2 ›› Issue (8): 68-73.doi: 10.11959/j.issn.2096-109x.2016.00092

• Academic paper • Previous Articles     Next Articles

Anomaly intrusion detection based on modified SVM

Hui ZHANG1,Cheng LIU2()   

  1. 1 Special Reconnaissance Team of Xinjiang Public Security Bureau,Urumpi 830000,China
    2 National Computer Network Emergency Response Technical Team/Coordination Center of China,Beijing 100029,China
  • Revised:2016-07-23 Online:2016-08-01 Published:2017-06-04

Abstract:

A modified SVM multi-classification algorithm integrated with discriminant analysis (D-SVM) was pro-posed,which could solve the problem of low detection accuracy and high false alarm rate caused by unbalanced datasets.For a multi-classification problem could be divided into several binary classification problems,D-SVM could not only have the virtue of high detection accuracy,but also have a low false alarm rate even confronted with unbalanced datasets.Experiments based on KDD99 dataset verify the feasibility and validity of the integrated ap-proach.Results show that when confronted with multi-classification problems,D-SVM could achieve a high detec-tion accuracy and low false alarm rate even when SVM alone fails because of the unbalanced datasets.

Key words: anomaly detection, non-parametric test, SVM classifier, unbalanced datasets, discriminant analysis

CLC Number: 

No Suggested Reading articles found!