Data Fusion Detection Model Based on SVM and Evidence Theory
Based on Dempster-Shafer (D-S) evidence theory of data fusion technology,a new intrusion detection system (IDS) model with C-SVM classifier is proposed.This model consisted of three SVM classifiers,which sorted out Normal,DoS,U2R,R2L and Probing behaviors from network connections according to basic TCP features,content features and traffic features.Those classified results were obtained through Dempter-Shafers rule of combination,consequently intrusion recognitions were implemented.The experimental result proves that our method effectively decreases the false positive rate and the false negative rate,and increases the accuracy and precision of detection.
intrusion detection data fusion evidence theory support vector machine network connection
Feng Xie Yong Peng Hongyu Yang Haihui Gao
China Information Technology Security Evaluation CenterBeijing, China School of Computer Science Civil Aviation University of China Tianjin, China China Information Technology Security Evaluation Center Beijing, China
国际会议
2012 IEEE 14th International Conference on Communication Technology(2012年第十四届通信技术国际会议(ICCT 2012))
成都
英文
905-909
2012-11-09(万方平台首次上网日期,不代表论文的发表时间)