Incremental k-NN SVM method in intrusion detection
Authors: Binhan Xu, Shuyu Chen, Hancui Zhang, Tianshu Wu
Published in: 2017 8th IEEE International Conference on Software Engineering and Service Science (ICSESS)
Publication date: 2017-11-01
DOI: 10.1109/ICSESS.2017.8343013 (https://doi.org/10.1109/ICSESS.2017.8343013)
Citation count: 32 (source: Semanticscholar)
Intrusions and attacks on computer networks are among the most important issues in cloud environments. Because of the enormous volume of network traffic, dynamic and incremental learning is important to an intrusion detection system (IDS) in the cloud. Among existing incremental algorithms, k Nearest Neighbors (k-NN) has the advantage of handling the huge, incremental, multi-class nature of the data. However, the k-NN algorithm has poor classification performance. Support Vector Machine (SVM) is an extraordinary classification method widely used in the intrusion detection field, but its training time increases sharply as the training data expands. Therefore, we propose an Incremental k-NN SVM method that combines k-NN and SVM, bringing the advantages of both methods. In this approach, an R*-tree provides efficient expansion of the training data and efficient queries for k-NN. Experiments on the open dataset KDDCUP 99 indicate that the Incremental k-NN SVM intrusion detection method can learn and update with new data in acceptable time, and that its prediction time does not increase rapidly over the course of incremental learning.