Biased Support Vector Machines and Kernel Methods for Intrusion Detection

Provided by: International Association of Engineers
Topic: Security
Format: PDF
In this paper, the authors describe results concerning the robustness and generalization capabilities of kernel methods in detecting intrusions using network audit trails. They use traditional Support Vector Machines (SVM), Biased Support Vector Machines (BSVM), and leave-one-out model selection for support vector machines (looms). They also evaluate the impact of kernel type and parameter values on the accuracy of an SVM performing intrusion classification. Through a variety of comparative experiments, they find that SVM performs best for detecting the normal and user-to-super-user classes, BSVM performs best for Denial of Service (DoS) attacks, and looms based on BSVM performs best for the probe and remote-to-local classes.