In this paper, we introduce an analysis of outlier detection using SVMs (Support Vector Machines) for intrusion detection in control system communication networks. SVMs have proved useful for classifying normal communication and intrusion attacks. In control systems, a large amount of normal communication data is available, but because there have been almost no cyber attacks, there is very little actual attack data. One-class SVM and SVDD (Support Vector Data Description) are two methods used for one-class classification, where information about only one of the classes is available. We applied these two methods to intrusion detection in an experimental control system network and compared the differences in their classification. To learn what kind of traffic would be classified as an attack, the percentage of allowed outliers was changed interactively, adding human knowledge of the control system to the results. Our experiments also clarified that sequence information in control system communication is very important for detecting some intrusion attacks.