Svm-based Network Intrusion Detection

In this paper, support vector machines (SVM) is applied to network intrusion detection. Based on Common Intrusion Detection Framework (CIDF), a framework of SVM based Network Intrusion Detection System is proposed. The function, mechanism and realization of the components of this framework are discussed in the thesis. By means of HVDM distance metric of heterogeneous datasets, the feature data of network are preprocessed. Based on guaranteed estimators, we estimate the size of test set. Thus we not only avoid bad train result for lack of examples, but also reduce the training time and improve the efficiency of training. During the training, by means of fuzzy mathematics, considering the effect of different network data features to the classification, a weight method is brought forward. It improves the accuracy of network intrusion detection. The problem of low detection accuracy of some types of attacks for the imbalance of training examples is researched. A method of increasing the proportion of the examples of these types of attacks is presented. It improves the detection accuracy of these types of attacks.