At present, there are many problems existing in most intrusion detection systems, such as low accurate rate, high false positive rate and false negative rate, therefore, it is crucial to research new intrusion detection algorithms. A new IDS model using multiple SVM classifiers is proposed in this paper. According to basic features of TCP, content features and traffic features, network connections are classified by three SVM classifiers, then those classified results are processed as evidence, which are fused together based on the combination rule of D-S evidence theory subsequently. The experimental result shows that our method can decrease the false positive rate and the false negative rate, and improve the accurate rate of the IDS significantly.

• 出版日期2010