| IDS ( Intrusion Detection System ) is a very important research field in network security. As the second line of defense behind the firewall, IDS can find intrusion behaviors and form a solid defense system together with firewall. Misuse detection and anomaly detection are two types of detection technology. Because anomaly detection must track and update system or user behavior characteristics, the computation is enormous. Researchers usually use machine learning methods to solve this problem. In this paper, we use SVM (Support Vector Machines). SVM is a classification and prediction algorithm based on SRM (Structural Risk Minimum) theory. Intrusion detection is essentially a classification issue. If multiclass classification is divided into a number of two class classifications, we can use SVM to resolve attacks classification.This paper in thoroughly and carefully analyzes the existing intrusion detection technigues and SVM techniques, conductes the research on Error-Correcting Output Codes (ECOC) multiclass classification based on SVM and the design of a intrusion detection system based on SVM, obtaining the following achievements:Combining Hadamard matrix and SVM, uses ECOC to solve multiclass classification of intrusion detection, and describes the algorithms.Making reference to CIDF (Common Intrusion Detection Framework), designs a IDS model based on SVM, and has realized partial modules.Realizes a variety of multiclass classification methods and tests our methods using KDDCUP 99 data sets. Test results show that Hadamard ECOC has good classification effect. |
PDF Full Text Request