Most existing approaches to network threat problems focus on specific security mechanisms, for example network intrusion detection system (NIDS) detection and firewall configuration, rather than on flow management approaches that defend against network threats with an SDN (Software Defined Networking) architecture. Accordingly, this study proposes an improved behaviour-based SVM (support vector machine) with a learning algorithm for use in the security monitoring system (SMS) to categorize network threats for a network intrusion detection system. The model also adopts ID3 decision tree theory to rank raw features and determine the most qualified features for training the support vector classifier (SVC), considering the overall detection precision rate of the experiments; this speeds up the learning of normal and intrusive patterns and increases the accuracy of detecting intrusion. Using an sFlow collector and analyzer together with the sFlow-RT toolset, the experimental results proved that the SMS enables a defender to classify network threats with defence strategies and defend against network threats.
|Name|2016 IEEE 13TH INTERNATIONAL CONFERENCE ON E-BUSINESS ENGINEERING (ICEBE)|
|Conference|13th IEEE International Conference on e-Business Engineering (ICEBE)|
|Period|4/11/16 → 6/11/16|
- Software-defined networking; network threat; Support vector machine; ID3 decision tree; NIDS