Nested One-Class Support Vector Machines for Network Intrusion Detection
Q. Nguyen, Truong Thu Huong, Kim Phuc, Minh Le Nguyen, P. Castagliola, Salim Lardjane
2018 IEEE Seventh International Conference on Communications and Electronics (ICCE), published 2018-07-01
DOI: 10.1109/CCE.2018.8465718 (https://doi.org/10.1109/CCE.2018.8465718)
Citations: 8
Abstract
One-class support vector machines (OCSVM) have recently been applied in intrusion detection. Typically, OCSVM is kernelized by radial basis functions (RBF, or Gaussian kernel), whereas selecting the Gaussian kernel hyperparameter is based upon the availability of attacks, which is rarely applicable in practice. This paper investigates the application of nested OCSVM to detect intruders in network systems with data-driven hyperparameter optimization. The nested OCSVM is able to improve the efficiency over the proposed OCSVM applied in intrusion detection. In addition, the information of the farthest and the nearest neighbors of each sample is used to construct the objective cost instead of label-based metrics such as geometric mean accuracy. The efficiency of this method is illustrated over the KDD99 dataset, whereas the resulting estimated boundary, as well as the intrusion detection performance, is comparable with existing methods. The experimental results show that the nested OCSVM method performs better than OCSVM for intrusion detection. The nested OCSVM with 12 density levels achieves 98.28% accuracy and a higher true alarm rate (TP) compared to OCSVM.