About cookies on this site Our websites require some cookies to function properly (required). In addition, other cookies may be used with your consent to analyze site usage, improve the user experience and for advertising. For more information, please review your options. By visiting our website, you agree to our processing of information as described in IBM’sprivacy statement. To provide a smooth navigation, your cookie preferences will be shared across the IBM web domains listed here.
Publication
IJCNN 2008
Conference paper
Signature based intrusion detection using latent semantic analysis
Abstract
We address the problem of selecting and extracting key features by using singular value decomposition and latent semantic analysis. As a consequence, we are able to discover latent information which allows us to design signatures for forensics and in a dual approach for real-time intrusion detection systems. The validity of this method is shown by using several automated classification algorithms (Maxim, SVM, LGP). Using the original data set we classify 99.86% of the calls correctly. After feature extraction we classify 99.68% of the calls correctly, while with feature selection we classify 99.78% of the calls correctly, justifying the use of these techniques in forensics. The signatures obtained after feature selection and extraction using LSA allow us to classify 95.69% of the calls correctly with features that can be computed in real time. We use Support Vector Decision Function and Linear Genetic Programming for feature selection on a real data set generated on a live performance network that consists of probe and denial of service attacks. We find that the results reinforce our feature selection method. © 2008 IEEE.