Research On Intrusion Detection System Based On Chaotic Time Series And SVM

In view of the unknown security issues which the next generation internet may encounter,as well as the increasingly frequent distributed, multi-objective, multi-stage network attacks confronting us nowadays, it is imperative to enhance the detection efficiency and intelligence of Intrusion Detection System.With the development of chaos theory and research on its applicationˋnonlinear time series analysis has become a major research hotspot of nonlinear information processing, and has been widely applied to interrelated engineering region. Studing the basic theories and general methods of chaotic time series analysis deeply and systematically, the method of chaotic time series analysis is proposed to predict alerm information, by which the chaos technology is applied to Intrusion Detection System successfully. Then we can optimize and update the eigenvector according to predicting the alarm information chaotic time series. The efficiency of identify the attack of existing eigenvector will not only be improved; many variation of the same attack method and new attack packets can also be identified by predicting new eigenvector.Studing the basic theories and its application of Support Vector Machine deeply, we present a classification model based on SVM and complete the SVM's binary classification and multi-class classification. Putting it into IDS, an intrusion detection model based on SVM is built. In combination with the feature of network traffic anomaly detection, we study the problem of feature selection in anomaly detection and the representative characteristic parameters of network traffic is proposed, such as the symmetry, protocol distribution, abnormal packet statistics as well as the length of packet statistics,with the data pre-processing method described. The experiment results show that the network anomaly detection based on SVM can not only detect a variety of high-intensity behavior of the scan effectively, but also has a lower FAR. Studying technology of feature analysis, a new method of feature selection based on adaptive feature weighted is presented, and it is applied into the intrusion feature selection with the technique of feature selection and the technique of SVM classification combined. The method can reduce the time complexity and space complexity and the situation of parameter trying is improved. The experiment results show that the detection precision rises obviously, meanwhile, the training time and the test time are also improved variously. The model has the ability to respond quickly, improving the accuracy and real-time effectively of the Intrusion Detection System.