发明名称 |
METHOD OF DETECTING INTRUSION BASED ON IMPROVED SUPPORT VECTOR MACHINE |
摘要 |
A method of detecting network intrusion based on improved support vector machine is disclosed. The method comprises the steps of identifying a plurality of features; computing information gain of each of the features; selecting a pre-determined number of features based on the computed information gain and augmenting that set of pre-determined number of features with special features to form a set of selected features; and classifying a network connection based on the selected features using support vector machine. In order to achieve better detection accuracy, cross-validation and grid-search are applied to select the radial basis function for the support vector machine. |
申请公布号 |
US2015135318(A1) |
申请公布日期 |
2015.05.14 |
申请号 |
US201414201939 |
申请日期 |
2014.03.10 |
申请人 |
Macau University of Science and Technology |
发明人 |
Chi Tin HON;Jia Hua XU |
分类号 |
G06F21/55;H04L29/06 |
主分类号 |
G06F21/55 |
代理机构 |
|
代理人 |
|
主权项 |
1. A method of detecting intrusion comprising the steps of:
a) identifying a plurality of features; b) computing information gain of each of said plurality of features; c) selecting a pre-determined number of features from said plurality of features based on said information gain and augmenting said pre-determined number of features with special features to form a set of selected features; and d) classifying a network connection based on said set of selected features using support vector machine;wherein said plurality of features are selected from a group of features consisting of basic features of a TCP connection, content features within a connection suggested by a domain knowledge and traffic features computed using a two-second time window. |
地址 |
Tapa MO |