计算机工程 ›› 2008, Vol. 34 ›› Issue (4): 154-156.doi: 10.3969/j.issn.1000-3428.2008.04.054

• 安全技术 • 上一篇    下一篇

基于SVM的数据融合方法在DIDS中的应用

叶 苗1,2,王 勇1,麦范金2,陈超泉2   

  1. (1. 桂林电子科技大学网络中心,桂林 541004;2. 桂林工学院网络中心,桂林 541004)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2008-02-20 发布日期:2008-02-20

Application of SVM Sensor and Data Fusion in Distributed Intrusion Detection System

YE Miao1,2, WANG Yong1, MAI Fan-jin2, CHENG Chao-quan2   

  1. (1. Network Center, Guilin University of Electronic Technology, Guilin 541004;2. Network Center, Guilin Institute of Industrial Technology, Guilin 541004)
  • Received:1900-01-01 Revised:1900-01-01 Online:2008-02-20 Published:2008-02-20

摘要: 考虑到传统SVM解决传统IDS问题的困难,建立基于带概率输出信息的SVM局部信息检测和数据融合、决策分析的分布式入侵检测DIDS模型。该模型尽可能利用局部SVM分类器的优势,充分考虑了各局部SVM的性能差别。通过KDD99数据集对该模型的测试,证明该分布式入侵检测模型可以明显地降低入侵检测的漏报率,提高检测精度。

关键词: 支持向量机, 概率分配函数, 分布式入侵检测, 数据融合, 检测率

Abstract: To solve the difficulty of traditional SVM applied into IDS, a distributed intrusion detection model based on SVM sensor with probability estimation and data fusion is proposed. The local SVM’s advantage and differences among each local SVM’s performance are considered in this model. Experimental results carried out with KDD99 dataset show that the model can make false positive lower and improve the efficiency of the intrusion detection

Key words: support vector machine, probability assignment function, distributed intrusion detection, data fusion, detection rate

中图分类号: