Improving security using SVM-based anomaly detection: issues and challenges

Security is one of the main requirements of the current computer systems, and recently it gains much importance as the number and severity of malicious attacks increase dramatically. Anomaly detection is one of the main branches of the intrusion detection systems which enables to recognize the newer variants of the security attacks. This paper focuses on the anomaly detection schemes (ADS), which have applied support vector machine (SVM) for detecting intrusions and security attacks. For this purpose, it first presents the required concepts about the SVM classifier and intrusion detection systems. It then classifies the ADS approaches and discusses the various machine learning and artificial intelligence techniques that have been applied in combination with the SVM classifier to detect anomalies. Besides, it specifies the primary capabilities, possible limitations, or advantages of the ADS approaches. Furthermore, a comparison of the studied ADS schemes is provided to illuminate their various technical details.