Abstract
In recent years, with the rapid growth of network technology and bandwidth, network attacks against web servers, such as DoS and probe attacks, have become more and more frequent. To detect these types of intrusion more efficiently in the new network environment, this paper applies new machine learning methods to intrusion detection and proposes an efficient algorithm based on vector quantization and support vector machines (VQ-SVM). The algorithm first reduces the network audit dataset using VQ techniques, producing a codebook that serves as the training example set, and then uses a fast SVM training algorithm to build the intrusion detection model on that codebook. The experimental results indicate that the combined VQ-SVM algorithm can greatly improve the learning and detection efficiency of the traditional SVM-based intrusion detection model.
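The two-stage pipeline the abstract describes, as an added sketch that is not the paper's code: each class of audit records is reduced to a small codebook, and the classifier is trained on the codewords only. It assumes per-class quantization with a generalized Lloyd iteration for the VQ step, swaps in a plain batch sub-gradient linear SVM for the paper's fast SVM trainer, and uses constructed two-feature data; all function names are hypothetical.

```python
import random

def dist2(p, q):
    return sum((a - b) ** 2 for a, b in zip(p, q))

def vq_codebook(points, k, iters=25):
    """Generalized Lloyd iteration: reduce `points` to k codewords (centroids)."""
    code = [points[i * len(points) // k] for i in range(k)]  # deterministic init
    for _ in range(iters):
        cells = [[] for _ in range(k)]
        for p in points:  # assign each record to its nearest codeword
            cells[min(range(k), key=lambda j: dist2(p, code[j]))].append(p)
        code = [tuple(sum(c) / len(cell) for c in zip(*cell)) if cell else code[j]
                for j, cell in enumerate(cells)]
    return code

def train_svm(X, y, lam=0.01, eta=0.1, steps=2000):
    """Linear soft-margin SVM: batch sub-gradient descent on the hinge loss."""
    w, b, n = [0.0] * len(X[0]), 0.0, len(X)
    for _ in range(steps):
        gw, gb = [lam * wi for wi in w], 0.0
        for xi, yi in zip(X, y):
            if yi * (sum(a * c for a, c in zip(w, xi)) + b) < 1:  # margin violated
                gw = [g - yi * c / n for g, c in zip(gw, xi)]
                gb -= yi / n
        w = [wi - eta * g for wi, g in zip(w, gw)]
        b -= eta * gb
    return w, b

def predict(model, x):
    w, b = model
    return 1 if sum(a * c for a, c in zip(w, x)) + b >= 0 else -1

def build_vq_svm(normal, attack, k=4):
    """Quantize each class separately, then train only on the codewords."""
    code_n, code_a = vq_codebook(normal, k), vq_codebook(attack, k)
    X, y = code_n + code_a, [-1] * k + [1] * k  # -1 = normal, +1 = attack
    return X, train_svm(X, y)

# Constructed sample data: two normalized features per connection record
# (assumed, e.g. connection rate and error rate); not taken from KDD CUP 1999.
rng = random.Random(7)
NORMAL = [(rng.uniform(0.0, 0.3), rng.uniform(0.0, 0.3)) for _ in range(300)]
ATTACK = [(rng.uniform(0.7, 1.0), rng.uniform(0.7, 1.0)) for _ in range(300)]
CODEBOOK, MODEL = build_vq_svm(NORMAL, ATTACK)

if __name__ == "__main__":
    hits = sum(predict(MODEL, p) == -1 for p in NORMAL) + sum(predict(MODEL, p) == 1 for p in ATTACK)
    print(f"trained on {len(CODEBOOK)} codewords, {hits}/600 raw records classified correctly")
```

The training cost depends on the codebook size rather than on the number of audit records, which is where the efficiency gain claimed in the abstract comes from.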
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Yang, W., Yun, XC., Li, JH. (2006). An Efficient SVM-Based Method to Detect Malicious Attacks for Web Servers. In: Shen, H.T., Li, J., Li, M., Ni, J., Wang, W. (eds) Advanced Web and Network Technologies, and Applications. APWeb 2006. Lecture Notes in Computer Science, vol 3842. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11610496_114
DOI: https://doi.org/10.1007/11610496_114
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-31158-4
Online ISBN: 978-3-540-32435-5
eBook Packages: Computer Science (R0)