
Incremental Support Vector Machine Approach for DoS and DDoS Attack Detection

thesis
posted on 14.05.2019 by Seunghee Lee

Support Vector Machines (SVMs) have generally been effective in detecting instances of network intrusion. However, from a practical point of view, a standard SVM is not able to handle large-scale data efficiently due to the computational complexity of the algorithm and its extensive memory requirements. To cope with this limitation, this study presents an incremental SVM method combined with a k-nearest neighbors (KNN) based candidate support vectors (CSV) selection strategy in order to speed up the training and test processes. To cope with evolving DoS and DDoS attacks, the proposed incremental SVM method constructs or updates the pattern classes by incrementally incorporating new signatures, without having to load and access the entire previous dataset. The performance of the proposed method is evaluated experimentally and compared with the standard SVM method and the simple incremental SVM method in terms of precision, recall, F1-score, and training and test duration.

Degree Type

Master of Science

Department

Computer and Information Technology

Campus location

West Lafayette

Advisor/Supervisor/Committee Chair

John A. Springer

Additional Committee Member 2

Eric T. Matson

Additional Committee Member 3

Vetria L. Byrd
