Multiple Kernel Learning Method for Network Anomaly Detection
The source data of intrusion detection system (IDS) are characteristic of heavy-flow, high-dimension and nonlinearity. A frequent problem in IDS is the choice of the right features that give rise to compact and concise representations of the network data; the other is how to improve the detection efficiency and accuracy of IDS under the small sample conditions. In order to delete the redundant and noisy features, improve the performance of IDS, we present an efficient IDS based on multiple kernel learning (MKL) method. Kernel methods are the effective approaches to intrusion detection problems. MKL methods combined with support vector machines (SVMs) can overcome some practice difficulties of IDS such as irregular data, non-flat distribution of the samples, etc. Experiments on the KDD Cup (1999) intrusion detection data set show that MKL methods have a higher detection rate and a lower false alarm rate compared to single kernel methods.
Guanghui Song Xiaogang Jin Genlang Chen Yan Nie
College of Computer Science, Zhejiang University Hangzhou, China 310027 Ningbo Institute of Technolo College of Science and Technology Ningbo University Ningbo, China 315211
国际会议
The 2010 International Conference on Intelligent Systems and Knowledge Engineering(第五届智能系统与知识工程国际会议)
杭州
英文
296-299
2010-11-15(万方平台首次上网日期,不代表论文的发表时间)