By Topic

Inductive Intrusion Detection in Flow-Based Network Data Using One-Class Support Vector Machines

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Winter, P. ; Dept. of Secure Inf. Syst., Upper Austria Univ. of Appl. Sci., Hagenberg, Austria ; Hermann, E. ; Zeilinger, M.

Despite extensive research effort, ordinary anomaly detection systems still suffer from serious drawbacks such as high false alarm rates due to the enormous variety of network traffic. Also, increasingly fast network speeds pose performance problems to systems which base upon deep packet inspection. In this paper, we address these problems by proposing a novel inductive network intrusion detection system. The system operates on lightweight network flows and uses One-Class Support Vector Machines for analysis. In contrast to traditional anomaly detection systems, the system is trained with malicious rather than with benign network data. The system is suited for the load of large-scale networks and is less affected by typical problems of ordinary anomaly detection systems. Evaluations brought satisfying results which indicate that the proposed approach is interesting for further research and perfectly complements traditional signature-based intrusion detection systems.

Published in:

New Technologies, Mobility and Security (NTMS), 2011 4th IFIP International Conference on

Date of Conference:

7-10 Feb. 2011