Theoretical Considerations on Artificial Intelligence and Cybersecurity, One-Class SVM for Anomaly Detection in Network Traffic

DOI:

https://doi.org/10.15584/di.2025.20.16

Keywords:

Python, artificial intelligence, cybersecurity, One-Class SVM

Abstract

In this article, One-Class SVM has been highlighted as a particularly valuable approach, as it does not require collecting large datasets of labeled attack samples. Instead, it effectively models normal behavior and identifies significant deviations from the expected pattern.

Both theoretical considerations and a Python code example have been presented, demonstrating how such a model can be trained on real or synthetic network data and subsequently used to detect potential anomalies.

Additionally, the text includes guidelines for data preparation, covering collection, cleaning, normalization, and potential dimensionality reduction, as well as hyperparameter optimization (including nu and gamma).

Furthermore, a mathematical perspective is provided, explaining the role of the weight vector (w), the threshold value (R), and the kernel function, which enables nonlinear mapping and the separation of normal samples from outliers.
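The workflow the abstract outlines (fit on normal traffic only, normalize, set nu and gamma, flag deviations) can be sketched with scikit-learn as follows. This is an added example, not the code from the article; the flow features, the synthetic data and the function names are constructed assumptions.

```python
import numpy as np
from sklearn.pipeline import make_pipeline
from sklearn.preprocessing import StandardScaler
from sklearn.svm import OneClassSVM

# Constructed per-flow features (assumption, not taken from the article).
FEATURES = ["duration_s", "bytes_sent", "packets", "distinct_dst_ports"]

def make_normal_flows(n, seed):
    """Synthetic 'normal' flows standing in for cleaned baseline traffic."""
    rng = np.random.default_rng(seed)
    duration = rng.gamma(shape=2.0, scale=1.5, size=n)
    packets = rng.poisson(lam=40, size=n) + 1
    bytes_sent = packets * rng.normal(600, 80, size=n)
    ports = rng.integers(1, 4, size=n)
    return np.column_stack([duration, bytes_sent, packets, ports])

# Constructed flows that deviate strongly from the baseline.
SUSPECT_FLOWS = np.array([
    [0.2, 3_000.0, 60, 900],       # many destination ports, tiny payloads
    [900.0, 5.0e8, 400_000, 1],    # very long, very large transfer
])

def train_detector(train, nu=0.05, gamma="scale"):
    """Fit scaler + One-Class SVM on normal traffic only (no attack labels).

    nu upper-bounds the fraction of training flows left outside the boundary;
    gamma sets the RBF kernel width. Scaling matters because the features
    differ by orders of magnitude and the kernel is distance-based.
    """
    model = make_pipeline(StandardScaler(),
                          OneClassSVM(kernel="rbf", nu=nu, gamma=gamma))
    return model.fit(train)

def flag(model, flows):
    """Return (labels, scores): label -1 is an anomaly, +1 is normal;
    a lower decision score means further outside the learned region."""
    return model.predict(flows), model.decision_function(flows)

def false_alarm_rate(model, normal_flows):
    """Share of known-normal flows the model flags; use it when tuning nu."""
    return float(np.mean(model.predict(normal_flows) == -1))

if __name__ == "__main__":
    detector = train_detector(make_normal_flows(2000, seed=1))
    labels, scores = flag(detector, SUSPECT_FLOWS)
    for row, label, score in zip(SUSPECT_FLOWS, labels, scores):
        print(dict(zip(FEATURES, row)), "label:", label, "score:", round(score, 4))
    print("false alarms on held-out normal traffic:",
          false_alarm_rate(detector, make_normal_flows(500, seed=2)))
```

Measuring the false-alarm rate on held-out normal traffic, as the last function does, is the practical check when adjusting nu and gamma, since no labeled attacks are available to score against.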

Published

2025-12-31

How to Cite

Wołoszyn, J., & Wołoszyn, M. (2025). Theoretical Considerations on Artificial Intelligence and Cybersecurity, One-Class SVM for Anomaly Detection in Network Traffic. DIDACTICS OF INFORMATION TECHNOLOGY, 20, 185–194. https://doi.org/10.15584/di.2025.20.16

Section

ICT TOOLS IN PRACTICE
