{"title":"基于支持向量机的端口扫描攻击的有效分类","authors":"M. Vidhya","doi":"10.1109/ICGHPC.2013.6533915","DOIUrl":null,"url":null,"abstract":"Support Vector Machine, a powerful data mining technique is used for the classification of attacks. SVM is implemented using WEKA tool in which the Radial Basis Function proves to be an efficient Kernel for the classification of portscan attacks. KDD'99 dataset consisting of portscan and normal traces termed as mixed traffic is given as input to SVM in two phases, i.e., without feature reduction and with feature reduction using Consistency Subset Evaluation algorithm and Best First search method. In the first phase, the mixed traffic as a whole is given as input to SVM. In the second phase, feature reduction algorithm is applied over the mixed traffic and then fed to SVM. Finally the performance is compared in accordance with classification between the two phases. The performance of the proposed method is measured using false positive rate and computation time.","PeriodicalId":119498,"journal":{"name":"2013 International Conference on Green High Performance Computing (ICGHPC)","volume":"4 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-03-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"Efficient classification of portscan attacks using Support Vector Machine\",\"authors\":\"M. Vidhya\",\"doi\":\"10.1109/ICGHPC.2013.6533915\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Support Vector Machine, a powerful data mining technique is used for the classification of attacks. SVM is implemented using WEKA tool in which the Radial Basis Function proves to be an efficient Kernel for the classification of portscan attacks. KDD'99 dataset consisting of portscan and normal traces termed as mixed traffic is given as input to SVM in two phases, i.e., without feature reduction and with feature reduction using Consistency Subset Evaluation algorithm and Best First search method. In the first phase, the mixed traffic as a whole is given as input to SVM. In the second phase, feature reduction algorithm is applied over the mixed traffic and then fed to SVM. Finally the performance is compared in accordance with classification between the two phases. The performance of the proposed method is measured using false positive rate and computation time.\",\"PeriodicalId\":119498,\"journal\":{\"name\":\"2013 International Conference on Green High Performance Computing (ICGHPC)\",\"volume\":\"4 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-03-14\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 International Conference on Green High Performance Computing (ICGHPC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICGHPC.2013.6533915\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 International Conference on Green High Performance Computing (ICGHPC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICGHPC.2013.6533915","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Efficient classification of portscan attacks using Support Vector Machine
Support Vector Machine, a powerful data mining technique is used for the classification of attacks. SVM is implemented using WEKA tool in which the Radial Basis Function proves to be an efficient Kernel for the classification of portscan attacks. KDD'99 dataset consisting of portscan and normal traces termed as mixed traffic is given as input to SVM in two phases, i.e., without feature reduction and with feature reduction using Consistency Subset Evaluation algorithm and Best First search method. In the first phase, the mixed traffic as a whole is given as input to SVM. In the second phase, feature reduction algorithm is applied over the mixed traffic and then fed to SVM. Finally the performance is compared in accordance with classification between the two phases. The performance of the proposed method is measured using false positive rate and computation time.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
