作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2007, Vol. 33 ›› Issue (04): 140-142. doi: 10.3969/j.issn.1000-3428.2007.04.048

• 安全技术 • 上一篇    下一篇

基于静态分类器选择的网络入侵检测方法

米爱中1,2,沈记全1,2,郑雪峰1,涂序彦1   

  1. (1. 北京科技大学信息工程学院,北京 100083;2. 河南理工大学计算机科学与技术学院,焦作 454000)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2007-02-20 发布日期:2007-02-20

Network Intrusion Detection Approach Based on Static Classifier Selection

MI Aizhong1,2, SHEN Jiquan1,2, ZHEANG Xuefeng1, TU Xuyan1   

  1. (1. School of Information Engineering, University of Science and Technology Beijing, Beijing 100083; 2. School of Computer Science and Technology, Henan Polytechnic University, Jiaozuo 454000)
  • Received:1900-01-01 Revised:1900-01-01 Online:2007-02-20 Published:2007-02-20

摘要: 计算机网络的安全在当今社会起着举足轻重的作用。该文将基于分类器选择的模式识别方法应用于入侵检测,提出了一种基于静态分类器选择的网络入侵检测方法。该方法对经过聚类获得的各个区域采用新的策略进一步划分,在划分后的子区域上选择分类器,结合了最近邻规则,减小静态分类器选择方法的误差,提高了检测性能。聚类选择(CS)是典型的静态分类器选择方法,在KDD’99的入侵检测数据集上的实验表明,该方法的性能优于基于聚类选择的网络入侵检测方法。

关键词: 静态分类器选择, 网络入侵检测, 聚类选择, 模式识别

Abstract: The security of computer networks plays a strategic role in modern society. This paper applies pattern recognition approach based on classifier selection to intrusion detection and presents a network intrusion detection approach based on static classifier selection. The approach reduces the errors of static classifier selection and improves the detection performance by partitioning every clustering area with a new method,selecting a classifier according to the sub-areas, and combing the nearest neighbor rule. Clustering and selection (CS) is a typical method of static classifier selection. Experiments have been done on the intrusion detection dataset of KDD’99 and the results show that the proposed approach is superior to the one based on clustering and selection.

Key words: Static classifier selection, Network intrusion detection, Clustering and selection, Pattern recognition