Enhancing the SVDD accuracy in Intrusion Detection Systems by removing external voids

Kenaza, Tayeb, Bennaceur, Khadidja, Labed, Abennour and Aiash, Mahdi ORCID: https://orcid.org/0000-0002-3984-6244 (2016) Enhancing the SVDD accuracy in Intrusion Detection Systems by removing external voids. 2016 IEEE Trustcom/BigDataSE/ISPA, Tianjin, 2016. In: 15th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-16), 23-25 Aug 2016, Tianjin, China. ISBN 9781509032051. ISSN 2324-9013 [Conference or Workshop Item] (doi:10.1109/TrustCom.2016.0271)

Preview

PDF - Final accepted version (with author's formatting) Download (253kB) | Preview

Abstract

This work aims to improve the accuracy of the SVDD-based Intrusion Detection Systems. In this study we are interested by approaches using only one-class classification, namely the class of normal user sessions. Sessions are modeled by vectors of points in a finite features space. The goal of using the SVDD in anomaly detection is to find the hypersphere with a minimal volume that encloses the entire scatter of points (i.e. the normal sessions). This paper discusses the general case where the shape of the scatter is arbitrary. In this case some voids can occur between the scatter and the boundary of the hypersphere, and mainly cause a distortion of the data description that reduces the accuracy of the detection. The objective of this work is to study and highlight the best techniques that help removing voids and thus improving the accuracy of the SVDD. Experimental results show that choosing the appropriate techniques and parameters can significantly improve the accuracy of the SVDD.

Actions (login required)

View Item

Statistics

DownloadsShow export options

Export as CSVXMLJSON

Activity Overview

6 month trend

229Downloads

6 month trend

370Hits

Additional statistics are available via IRStats2.