摘要： 提出了一种基于随机子空间的多Agent分布式入侵检测方法。该方法把支持向量机作为检测Agent的核心检测算法，通过引入随机子空间生成具有知识互补特性的多个Agent，将其分布于网络的各个检测节点，用集成的思想把各Agent的结论进行合成。采用这种多Agent的分布式检测可以有效地提高系统的鲁棒性。实验表明这种方法的检测精度高于单个SVM和Bagging方法。

关键词: 入侵检测, 多Agent, 支持向量机, 随机子空间

Abstract: A multi-agent distributed intrusion detection method based on random subspace method is put forward. Support vector machine method is the key detection algorithm of intrusion detection agent. The knowledge complementarity of multiple agents is created by the introduction of random subspace method, then these agents are distributed to detection nodes in the network. Subsequently the conclusions of each agent are composed by the ensemble idea. The robustness of the system is effectively improved by distributed intrusion detection based on multi agent. The experiment results show that detection precision of this method is higher than that of single SVM and Bagging.

Key words: intrusion detection, multi-agent, support vector machine, random subspace

中图分类号: 

• TP393.08