The Prediction Method Of Network Threat Frequency Based On GA-SVM

The Security Risk Assessment (SRA) is the key technology of the Early Warning (EW) system of network security. Security risk is caused by three factors which are system vulnerability, threat event, and the potential loss of the information assets from the event. Risk assessment system works out the value of system's security by predicting and assessing all factors.The related works of network security risk assessment are analyzed in this thesis. The technologies of Machine Learning and Support Vector Machine (SVM) are adopted in risk assessment, and a new prediction method of network threat frequency which based on SVM and Genetic Algorithms (GA) is proposed. A time series prediction model based on SVM which optimized by GA is established, the network threat frequency is predicted by using some LAN's detected data by IDS, and the experiment result indicates that the method is effective.There are three major contributions in this thesis:Firstly, the related works of network security risk assessment are summarized, and the shortages and the advantages of traditional methods of risk probability estimated are pointed out. Statistics learning and Machine Learning theories are studied here. The theories of Support Vector Classification (SVC) and Support Vector Regression (SVR) are introduced, and the application of neural network and SVM on time series prediction is discussed.Secondly, considering the characteristics of SVM and time series prediction, on the basis of analyzing traditional parameters determining method, a new time series prediction model based on SVM which optimized by GA is established. The simulation experiment is done by the model using Santa Fe data set D, the result is contrasted with neural network and SVM based on cross-validation.Finally, The threat frequency of network is predicted by the model using some LAN's detected data by IDS, the conclusion of contrasting the result with SVM based on cross-validation is that the prediction method of threat frequency based on SVM which optimized by GA is effective in case of the training data reliable. The accuracy of predicting is improved by using data formula and character selection.