A novel hybrid intrusion detection method integrating anomaly detection with misuse detection

Authors:

Highlights:

• The proposed method hierarchically integrates a misuse detection model and an anomaly detection model.

• We use the C4.5 decision tree algorithm for building a misuse detection model.

• We then decompose the normal training data into smaller subsets using the model.

• Next, we build multiple one-class SVM models for the decomposed subsets.

• This approach results in high detection performance and reduces the detection time complexity.

Keywords: Hybrid intrusion detection, One-class SVM, Anomaly detection, Decision tree

Review process: Available online 31 August 2013.

Official paper URL: https://doi.org/10.1016/j.eswa.2013.08.066