Download:
by Srinivas Mukkamala, Andrew H. Sung, Ajith Abraham
Proceedings of 15 th International Conference on Computer Communications
http://www.cs.okstate.edu/~aa/fuzz2.pdf
Add To MetaCart
Abstract:
ABSTRACT- This paper concerns using learning machines for intrusion detection. Two classes of learning machines are studied: Artificial Neural Networks (ANNs) and Support Vector Machines (SVMs). We show that SVMs are superior to ANNs for intrusion detection in three critical respects: SVMs train, and run, an order of magnitude faster; SVMs scale much better; and SVMs give higher classification accuracy. We also address the related issue of ranking the importance of input features, which is itself a problem of great interest in modeling. Since elimination of the insignificant and/or useless inputs leads to a simplification of the problem and possibly faster and more accurate detection, feature selection is very important in intrusion detection. Two methods for feature ranking are presented: the first one is independent of the modeling tool, while the second method is specific to SVMs. The two methods are applied to identify the important features in the 1999 DARPA intrusion data. It is shown that the two methods produce results that are largely consistent. We present various experimental results that indicate that SVM-based intrusion detection using a reduced number of features can deliver enhanced or comparable performance. An SVM-based IDS for class-specific detection is thereby proposed. Finally, we also illustrate some of our current ongoing research work using neuro-fuzzy systems and linear genetic programming. I.
Citations
|
1473
|
Introduction to the theory of neural computation
– Hertz, Krogh, et al.
- 1991
|
|
786
|
Making large-Scale SVM Learning Practical
– Joachims
- 1999
|
|
288
|
An intrusion-detection model
– Denning
- 1987
|
|
144
|
Neuro-Fuzzy and Soft Computing: A Computational Approach to Learning and
– Jang, Sun, et al.
- 1997
|
|
90
|
Learning Program Behavior Profiles for Intrusion Detection
– Ghosh, Schwartzbard, et al.
- 1999
|
|
86
|
A Neural Network Component for an Intrusion Detection System
– Debar, Becker, et al.
- 1992
|
|
66
|
Estimating the Generalization Performance of a SVM Efficiently
– Joachims
- 2000
|
|
56
|
An application of pattern matching in intrusion detection
– Kumar, Spafford
- 1994
|
|
50
|
Artificial Neural Networks for Misuse Detection
– Cannady
- 1998
|
|
47
|
Intrusion detection with neural networks
– Ryan, Lin, et al.
- 1998
|
|
37
|
Neuro-Fuzzy Systems: State-of-the-Art Modeling Techniques, Connectionist Models of Neurons, Learning Processes
– Abraham
- 2001
|
|
28
|
Intrusion detection using neural networks and support vector machines
– Mukkamala, Janoski, et al.
- 2002
|
|
27
|
Mining fuzzy association rules and fuzzy frequency episodes for intrusion detection
– Luo, Bridges
- 2000
|
|
22
|
Francone F.D.: Genetic Programming: An Introduction
– Banzhaf, Nordin, et al.
- 1998
|
|
19
|
The Nature of Statistical Learning Theory
– Vladimir
- 1995
|
|
15
|
SVMlight is an Implementation of Support Vector Machines (SVMs
– Joachims
- 2000
|
|
13
|
A new approach to fuzzy-neural system modeling
– Lin, Cunningham
- 1995
|
|
10
|
Cost-based Modeling and Evaluation for Data Mining With Application to Fraud and Intrusion Detection,” Results from the JAM Project by Salvatore
– Stolfo, Fan, et al.
- 1999
|
|
6
|
Ranking Importance of Input Parameters of Neural Networks,” Expert Systems with Applications
– Sung
- 1998
|
|
4
|
An Application of a Recurrent Network to an Intrusion Detection System
– unknown authors
- 1992
|
|
4
|
New Methods of Intrusion Detection using Control-Loop Measurement
– al
- 1995
|
|
3
|
Monitoring Information System
– Mukkamala, Janoski, et al.
- 2001
|
|
3
|
Comparison of Neural Networks and Support Vector
– Mukkamala, Sung
- 2002
|
