Intrusion Detection Model Based On Particle Swarm Optimization and Support Vector Machine

Surat Srinoy
Published in: 2007 IEEE Symposium on Computational Intelligence in Security and Defense Applications
Publication date: 2007-04-01
DOI: 10.1109/CISDA.2007.368152 (https://doi.org/10.1109/CISDA.2007.368152)
Citations: 72

Abstract

Advances in information and communication technologies force us to keep most information electronically; consequently, the security of information has become a fundamental issue. Traditional intrusion detection systems look for unusual or suspicious activity, such as patterns of network traffic that are likely indicators of unauthorized activity. However, normal operation often produces traffic that matches likely "attack signatures", resulting in false alarms. One main drawback is the inability to detect new attacks that do not have known signatures. In this paper, particle swarm optimization (PSO) is used to implement feature selection, and support vector machines (SVMs) with the one-versus-rest method serve as the fitness function of PSO for classification problems from the literature. Experimental results show that our method allows us not only to recognize known attacks but also to detect suspicious activity that may be the result of a new, unknown attack. Our method simplifies features effectively and obtains higher classification accuracy than other methods.