| With the development of internet, more secure problem is proposed, especially in the intrusion of the computer system. Thus all kinds of intrusion detection methods are presented. Support vector machine is based on Vapnik's minimal of the structure risk, tries its best to increase the generalization. When using the method of support vector machine into intrusion detection system, better classification can be acquired at the condition that there is less known knowledge. So the method is applied in the intrusion detection system.In this thesis, the principles and algorithms of support vector machine and intrusion detection system are discussed. The application of support vector machine is limited because of the speed, and then all kinds of improved algorithms are presented. However when the samples are much too complex together or there are many samples in the other class, which indeed belong to one class, it is not a good idea to use support vector machine to classify directly. Someone presented a method. It first prunes the training set, reserves or deletes a sample according to whether its nearest neighbor has the same label with itself or not, the trains the new set with SVM to obtain a classifier. It is not effective in the margin of SVM.Based on the above algorithm, a new method is given in the testing process. In the classifying process, tests whether the test sample is in the margin, the tested sample would be classified with SVM, Otherwise the KNN method will be used. The simulation experimental results with matlab show that the method is effective. |
PDF Full Text Request