IEEE Transactions on Software Engineering - Special issue on computer security and privacy
The nature of statistical learning theory
The nature of statistical learning theory
Machine Learning
Classification and detection of computer intrusions
Classification and detection of computer intrusions
Training Support Vector Machines: an Application to Face Detection
CVPR '97 Proceedings of the 1997 Conference on Computer Vision and Pattern Recognition (CVPR '97)
Hi-index | 0.00 |
The goal of intrusion detection is to determine whether there are illegal or dangerous actions or activities in the system by checking the audit data on local machines or information gathered from network. It also can be look as the problem that search relationship between the audit data on local machines or information gathered from network and the states of the system need to be protected, that is, normal or abnormal. The statistic learning theory just study the problem of searching unknown relationship based on size limited samples. The statistic theory is introduced briefly. By modeling the key process of intrusion detection, the relationship between two problems can be found. The possibility of using the methods of statistic theory in intrusion detection is analyzed. Finally the new fruit in statistic learning theory -Support Vector Machines--is used in simulation of network intrusion detection using the DRAPA data. The simulation results show support vector machines can detection intrusions very successfully. It overcomes many disadvantages that many methods now available have. It can lower the false positive with higher detection rate. And since it using small size samples, it shortens the training time greatly.