Research On Intrusion Detection Based On Semi-Supervised SVM

One of the main difficulties in machine learning is how to solve large-scale problems effectively, and the labeled data are limited and fairly expensive to obtain. This is the reason why the traditional machine learning strategy can't adapt to today's application requirements. Recently, as a new machine learning strategy, semi-supervised learning was proposed. It exploits unlabeled data in addition to labeled ones and has attracted many scholars'attentions and becomes one of the machine learning hotspots in recent decade.Intrusion Detection System is an active security technology developed in the recent decade, which integrates network and information security guaranty, intrusion detection, intrusion analysis. Support vector machine (SVM) is a new general and efficient machine learning algorithm based on Statistical Learning Theory (SLT). Compared with conventional machine learning methods, it has many advantages. SVM has been recently used in many applications. We deeply research the Semi-supervised Learning, machine learning and the problems of current intrusion detection system. The research in this paper provides new methods based on SVM for solving mass unlabeled data. Research of the dissertation is concentrated on the following aspects:(1) In this paper a new semi-supervised SVM algorithm is proposed. It applies tri-training to improve SVM. The semi-supervised SVM makes use of the large number of unlabeled data to modify the classifiers iteratively. Although tri-training doesn't put any constraints on the classifier, the proposed method uses three different SVMs as the classification algorithm. Experiments on UCI datasets show that tri-training can improve the classification accuracy of SVM and its improved algorithms. We also find the accuracy of final classifier will be higher by increasing the difference of classifiers. Theoretical analysis and experiments show that the proposed method has excellent accuracy and classification speed.(2) Making reference to common intrusion detection framework, designs an IDS model based on Semi-supervised SVM, and has realized the main training and decision partial modules.(3) A new approach named Semi-supervised One-Class SVM is proposed here. It improves the traditional One-Class SVM and is used to the intrusion detection. Through the test on KDD99 datasets, all of Semi-supervised SVM algorithms are proved to have good detection ability.