Intrusion Detection Method Using Protocol Classification and Rough

Xunyi Ren, Ruchuan Wang, Hejun Zhou

Abstract


In order to improve the efficiency of support vector intrusion detection, we first do protocol Classification for the intrusion data, then refine its characteristic by rough set reduction. By using these procedures, we propose an intrusion detection method using protocol classification and rough set based support vector machine. The method is divided into training and testing processes. In the process of training, we first do protocol classification for the training data, and then do rough set refinement. The refined characteristics are stored as the pre-defined process, and finally the usage of support vector machine for data reduction training, the training model will be stored in accordance with the agreement. In the testing process, the data is classified according to protocol classification and then start the characteristics reduction procedure according to protocol classification. Finally, make a decision using the Support Vector Machines that corresponding to the agreement. The experimental results based on KDDCUP'99 data show that the method is the method is faster and the detection accuracy is comparable compared with the SVM without using protocol classification and using all characteristic.


Full Text: PDF

Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.

Computer and Information Science   ISSN 1913-8989 (Print)   ISSN 1913-8997 (Online)
Copyright © Canadian Center of Science and Education

To make sure that you can receive messages from us, please add the 'ccsenet.org' domain to your e-mail 'safe list'. If you do not receive e-mail in your 'inbox', check your 'bulk mail' or 'junk mail' folders.