2006 | OriginalPaper | Buchkapitel
SVM Based False Alarm Minimization Scheme on Intrusion Prevention System
verfasst von : Gil-Han Kim, Hyung-Woo Lee
Erschienen in: Computational Science and Its Applications - ICCSA 2006
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
The existing well-known network based intrusion detection / prevention techniques such as the misuse detection technique, etc., are widely used. However, because the misuse detection based intrusion prevention system is proportionally depending on the detection rules, it causes excessive large false alarm which is linked to wrong correspondence. This study suggests an intrusion prevention system which uses multi-class Support Vector Machines(SVM) as one of the rule based intrusion prevention system and anomaly detection system in order to solve these problems. When proposed scheme is compared with existing intrusion prevention system, it show enhanced performance result that improve about 20% and propose false positive minimize with effective detection on new variant attacks.