Journal title: Journal of Theoretical and Applied Information Technology
Print ISSN: 1992-8645
Electronic ISSN: 1817-3195
Publication year: 2012
Volume: 35
Issue: 1
Pages: 056-068
Publisher: Journal of Theoretical and Applied
Abstract: The omnipresence of computer system tools intensifies every year in all companies. They integrate equipment, data and services that constitute a wealth to protect. Many mechanisms have been developed to assure computer systems security. Conventional intrusion detection systems (IDS) have shown their insufficiencies and limits. To improve the approach to computer systems security, in our previous articles we proposed an exact algorithm for the deployment of security policies for single computer systems [1] and an enhanced three-level security policy for complex computer systems [2]. However, manual analysis of the huge volume of generated audit data is usually impractical. To overcome this problem and evaluate the system proposed in [2], we use Support Vector Machines (SVM), which have become one of the most important techniques for anomaly intrusion detection due to their good generalization and their ability to overcome the curse of dimensionality [3, 4] in applications involving a large number of events as well as a large number of features. Experimental analysis and comparison show that our proposed system in [2] outperformed other recent systems [5, 6] in precision, computation time, and false positive and false negative rates.
Keywords: Intrusions Detection; Security Policy; Support Vector Machine; Principal Component; Feature Selection; False Negative; False Positive