Incremental Support Vector Machine Approach for Dos and Ddos Attack Detection
Abstract
Support Vector Machines (SVMs) have generally been effective in detecting instances of network intrusion. However, from a practical point of view, a standard SVM is not able to handle large-scale data efficiently due to the computation complexity of the algorithm and extensive memory requirements. To cope with the limitation, this study presents an incremental SVM method combined with a k-nearest neighbors (KNN) based candidate support vectors (CSV) selection strategy in order to speed up training and test process. The proposed incremental SVM method constructs or updates the pattern classes by incrementally incorporating new signatures without having to load and access the entire previous dataset in order to cope with evolving DoS and DDoS attacks. Performance of the proposed method is evaluated with experiments and compared with the standard SVM method and the simple incremental SVM method in terms of precision, recall, F1-score, and training and test duration.
Degree
M.Sc.
Advisors
Springer, Purdue University.
Subject Area
Artificial intelligence|Computer science|Educational technology|Information Technology|Web Studies
Off-Campus Purdue Users:
To access this dissertation, please log in to our
proxy server.