A framework for adaptive anomaly detection based on support vector data description

This article is free to access.

Abstract

To improve the efficiency and usability of adaptive anomaly detection systems, we propose a new framework based on the Support Vector Data Description (SVDD) method. The framework comprises two main techniques: online change detection and unsupervised anomaly detection. The first automatically obtains model training data by measuring change, distinguishing change caused by intensive attacks from normal behavior change, and then filtering out most intensive attacks. The second retrains the model periodically and runs detection on the forthcoming data. Results of experiments with the KDD'99 network data show that these techniques can handle intensive attacks effectively and adapt to concept drift while still detecting attacks. As a result, the false positive rate is reduced from 13.43% to 4.45%. © IFIP International Federation for Information Processing 2004.

Cite

Yang, M., Zhang, H., Fu, J., & Yan, F. (2004). A framework for adaptive anomaly detection based on support vector data description. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 3222, 443–450. https://doi.org/10.1007/978-3-540-30141-7_62
