
An Efficient SVM-Based Method to Detect Malicious Attacks for Web Servers

  • Conference paper
Advanced Web and Network Technologies, and Applications (APWeb 2006)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 3842))


Abstract

In recent years, with the rapid development of network techniques and network bandwidth, network attacks on web servers such as DOS/PROBE have become more and more frequent. To detect these types of intrusions more efficiently in the new network environment, this paper applies new machine learning methods to intrusion detection and proposes an efficient intrusion detection algorithm based on vector quantization and support vector machines (VQ-SVM). The algorithm first reduces the network auditing dataset using VQ techniques, producing a codebook that serves as the training example set, and then applies a fast SVM training algorithm to build the intrusion detection model on the codebook. The experimental results indicate that the combined VQ-SVM algorithm can greatly improve the learning and detection efficiency of the traditional SVM-based intrusion detection model.
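The VQ-then-SVM pipeline described in the abstract, as an added illustration that is not the authors' code. It assumes Lloyd's k-means as the vector quantizer, one codebook per class so that each codeword carries a label, a plain subgradient linear SVM in place of the paper's fast training algorithm, and constructed two-feature records; none of these details are given on this page.

```python
import random

def vq_codebook(vectors, k, iters=20):
    """Lloyd/k-means vector quantizer: returns k codewords (cell centroids)."""
    code = [list(v) for v in vectors[:k]]            # deterministic init: first k vectors
    for _ in range(iters):
        cells = [[] for _ in code]
        for v in vectors:                            # assign each vector to its nearest codeword
            j = min(range(k), key=lambda i: sum((a - b) ** 2 for a, b in zip(v, code[i])))
            cells[j].append(v)
        for i, cell in enumerate(cells):             # move codeword to centroid
            if cell:                                 # an empty cell keeps its old codeword
                code[i] = [sum(c) / len(cell) for c in zip(*cell)]
    return code

def train_linear_svm(X, y, lam=0.01, eta=0.01, steps=5000):
    """Batch subgradient descent on L2-regularised hinge loss; last weight is the bias."""
    w = [0.0] * (len(X[0]) + 1)
    for _ in range(steps):
        grad = [lam * wi for wi in w]
        for x, t in zip(X, y):
            xa = x + [1.0]
            if t * sum(wi * xi for wi, xi in zip(w, xa)) < 1:   # margin violator
                grad = [g - t * xi / len(X) for g, xi in zip(grad, xa)]
        w = [wi - eta * g for wi, g in zip(w, grad)]
    return w

def predict(w, x):
    return 1 if sum(wi * xi for wi, xi in zip(w, x + [1.0])) >= 0 else -1

def make_records(n=200, seed=0):
    """Constructed stand-in for audit records: 2 scaled features per record."""
    rng = random.Random(seed)
    normal = [[rng.gauss(0.2, 0.05), rng.gauss(0.2, 0.05)] for _ in range(n)]
    attack = [[rng.gauss(0.8, 0.05), rng.gauss(0.8, 0.05)] for _ in range(n)]
    return normal, attack

def vq_svm_demo(k=4):
    # Assumption: quantize each class separately so codewords inherit the class label.
    normal, attack = make_records()
    cb_n, cb_a = vq_codebook(normal, k), vq_codebook(attack, k)
    X, y = cb_n + cb_a, [-1] * k + [1] * k           # -1 normal, +1 attack
    w = train_linear_svm(X, y)                       # SVM trains on 2k codewords, not 2n records
    data = [(v, -1) for v in normal] + [(v, 1) for v in attack]
    acc = sum(predict(w, v) == t for v, t in data) / len(data)
    return len(X), len(data), acc

if __name__ == "__main__":
    print(vq_svm_demo())   # (codebook size, full dataset size, accuracy on full dataset)
```

The efficiency gain comes from the SVM training cost depending on the codebook size rather than the number of audit records; the trade-off to check on real data is how much accuracy is lost as the codebook shrinks.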




Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Yang, W., Yun, XC., Li, JH. (2006). An Efficient SVM-Based Method to Detect Malicious Attacks for Web Servers. In: Shen, H.T., Li, J., Li, M., Ni, J., Wang, W. (eds) Advanced Web and Network Technologies, and Applications. APWeb 2006. Lecture Notes in Computer Science, vol 3842. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11610496_114


  • DOI: https://doi.org/10.1007/11610496_114

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-31158-4

  • Online ISBN: 978-3-540-32435-5

  • eBook Packages: Computer Science (R0)
