Research On Intrusion Detection Based On C-SVM And KPCA

Intrusion detection, one of the most kernel technologies in dynamic security systems(P2DR), plays a very important role in the deep defense hierarchy system of network, which is the key of the conversion from static defense to dynamic defense, and as well a powerful tool of forcibly implementing the security policy. With the increasing sophistication, diversification and automatization of network attack tricks, traditional intrusion detection systems (IDS) can't any longer meet the need of security. In order to withstand more and more frequent compound network attacks and hacker commitment of distribution, multiobjective, multistage nowadays,improve intrusion detection efficiency under the circumstance of high band width and large-scale network, decrease false negative rate and shorten detection time, incorporating advanced machine learning techniques into IDS is already a well-known thought.The dissertation mainly aims at applying support vector machine (SVM) and kernel principal component analysis (KPCA) to intrusion detection. The dissertation first studies techniques of intrusion detection, and then systematically studies signal analysis techniques of intrusion detection based on SVM which is an important approach statistical learning theory (SLT),and KPCA which is an effective approach for nonlinearity data analysis.The main work includes in the dissertation is: (1) The dissertation proposed an intrusion detection model based on C-SVM, the model with certain extended performance. A data pretreatment method, a kernel function and an aparameter choosing method for C-SVM were designed. The experiment result shows that kernel function and aparameter choosing method for C-SVM are effective and pragmatic. The dissertation deeply discussed the affect with the main aparameter chaging, and analyzed the performance of intrusion detecton system and support vector machine. (2) The dissertation proposed an intrusion detection model based on C-SVM and KPCA. It is a multi-kernel classification system actually. The experiment result shows that the model is effective, most of all, it with supereminent time of training and testing. (3) The dissertation proposed a multi-classification intrusion detection model based on multiple C-SVM and KPCA, the experiment result shows that the model is practical.In the last place, we make a conclused for the design and research of the dissertation. Especially brings forward some suggestion for the dissertation, and points out the major creativeness future work.