Online training of SVMs for real-time intrusion detection

Abstract

To break the strong assumption that most of the training data for intrusion detectors are readily available with high quality, conventional SVM, robust SVM and one-class SVM are modified respectively in virtue of the idea from online support vector machine (OSVM) in this paper, and their performances are compared with that of the original algorithms. Preliminary experiments with 1998 DARPA BSM data set indicate that the modified SVMs can be trained online and the results outperform the original ones with less support vectors (SVs) and training time without decreasing detection accuracy. Both of these achievements benefit an effective online intrusion detection system significantly.