Anomaly Detection System Based on Support Vector Machine
This article presents an anomaly detection system based on cooccurrence matrix (CM) and support vector machine (SVM). The system first creates a profile defining a normal users behavior, and then compares the simi-larity of a current behavior with the created profile to decide whether the input instance is normal or anomaly. In order to avoid over-fitting and reduce the computational burden, user behavior principal features are extracted by the principal component analysis (PCA) method. SVM is used to distinguish normal or anomaly for user behavior after training procedure has been completed by learning, In the experiments for performance evaluation the system achieved a correct detection rate equal to 85.6% and a false detection rate equal to 3.0%, which is consistent with the best results reports in the literature for the same data set and testing paradigm.
anomaly detection Cooccurrence Matrix Support Vector Machine
Li Zhanchun Liu Shuyu
Network and Computer Center Huazhong University of Science and Technology Wuhan,China Network and Computer Center Huazhong University of Science and Technolog Wuhan,China
国际会议
太原
英文
103-107
2011-02-26(万方平台首次上网日期,不代表论文的发表时间)