Abstract:
To address the growing problem of web intrusions, we propose a new method for intrusion detection. In this paper, we first analyze in depth the attacks and misuse patterns found in log files, and then propose an anomaly detection method based on support vector machines. The one-class SVM is improved for our intrusion detection task so that the novelty data cluster in one class (the negative class around the origin). The SVM classifier is generated and trained with abstracted data. Experimental results show that this method is effective.