Abstract: In order to construct an anomaly detection classifier which has good learning and generalization ability, under the structural risk minimization (SRM) principle，the design rules of a support vector machines (SVMs) based anomaly detection classifier is discussed. The model and its parameters selection and estimation method of a SVM classifier are proposed. The training steps of a SVM anomaly detection classifier are given. Experiments on KDD’99 network intrusion detection dataset indicate that the proposed methods can speed up the process of constructing an intrusion detection classifier and the classification accuracy is higher.