http://dx.doi.org/10.5391/JKIIS.2005.15.3.282

Intrusion Detection System Based on Multi-Class SVM  

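Lee Hansung (Department of Computer and Information Science, Korea University)
Song Jiyoung (Department of Computer and Information Science, Korea University)
Kim Eunyoung (National Security Research Institute)
Lee Chulho (National Security Research Institute)
Park Daihee (Department of Computer and Information Science, Korea University)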
Publication Information
Journal of the Korean Institute of Intelligent Systems / v.15, no.3, 2005, pp. 282-288
Abstract
In this paper, we propose a new intrusion detection model that keeps the advantages of the existing misuse detection and anomaly detection models while resolving their problems. This new intrusion detection system, named MMIDS, was designed to satisfy all of the following requirements: 1) fast detection of new types of attack unknown to the system; 2) provision of detailed information about the detected types of attack; 3) cost-effective maintenance due to fast and efficient learning and update; 4) incrementality and scalability of the system. The fast and efficient training and updating capabilities of the proposed novel multi-class SVM, which is a core component of MMIDS, provide cost-effective maintenance of the intrusion detection system. According to the experimental results, our method can provide superior performance in separating similar patterns, and the detailed separation capability of MMIDS is relatively good.
Keywords
intrusion detection; novelty detection; multi-class SVM; Kernel-ART
Citations & Related Records
Times Cited By KSCI: 2