Intrusion Detection Using Log Server and Support Vector Machines

  • Donghai Guan (Dept. of Computer Engineering, Kumoh National Institute of Technology)
  • Donggyu Yeo (Dept. of Computer Engineering, Kumoh National Institute of Technology)
  • Lee, Juwan (Dept. of Computer Engineering, Kumoh National Institute of Technology)
  • Dukwhan Oh (Dept. of Computer Engineering, Kumoh National Institute of Technology)
  • Published : 2003.10.01

Abstract

With the explosive expansion of computer use during the past few years, security has become a crucial issue for modern computer systems. Today, there are many intrusion detection systems (IDS) on the Internet. A variety of intrusion detection techniques and tools exist in the computer security community, such as enterprise security management system (ESM) and system integrity checking tools. However, there is a potential problem with intrusion detection systems that are installed locally on the machines to be monitored. If the system being monitored is compromised, it is quite likely that the intruder will alter the system logs and the intrusion logs, so that the intrusion remains undetected. In this project, KIT-I, we adopt a remote logging server (RLS) mechanism, which is used to back up the log files to the server. For security, we make use of the SSL support in Java and certificate authority (CA) based key management. Furthermore, a Support Vector Machine (SVM) is applied in our project to detect intrusion activities.

Keywords