Abstract
In this paper, a method is proposed to solve the difficult problem of the training model and the dynamic variability of the deployment environment. Firstly, the network traffic data is converted into numerical value and projected onto histograms of different dimensions to construct detection vectors. Based on the detection vector, some kinds of classifiers are compared. SVDD, which can handle high-dimensional data and has strong generalization ability, is chosen for anomaly detection. Secondly, in order to improve the true positive rate of detection and reduce training time, the classifier is trained continuously and trying various different combinations of features. Finally, a multi-step correlation detection algorithm is adopted to optimize the detection accuracy, and obvious abnormal samples are eliminated from the newly added samples, reducing the training cost and improving the classification accuracy. Through experiments based on a large amount of real network traffic data, the result demonstrate that the proposed method has higher accuracy and lower false alarm rate, and can effectively reduce the training cost.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
