Computer Engineering ›› 2008, Vol. 34 ›› Issue (8): 184-186. doi: 10.3969/j.issn.1000-3428.2008.08.065

• Security Technology •

Intrusion Detection Method Based on Kernel Density Estimator

ZHOU Can¹, LI Bo-yang², HUANG Bin², LIU Liu²

  1. Department of Mathematics, Hengyang Normal University, Hengyang 421008
  2. Software School, Xiamen University, Xiamen 361005
  • Received: 1900-01-01 Revised: 1900-01-01 Online: 2008-04-20 Published: 2008-04-20

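Abstract (translated from Chinese): By analysing the shortcomings of existing intrusion detection techniques and examining the advantages of intrusion detection based on outlier mining, this paper proposes an intrusion detection method based on kernel density estimation. The method uses kernel density estimation to obtain an approximate set of outliers, then filters the approximate set to obtain the final outlier set, thereby detecting intrusion records. A concrete implementation scheme is described, and simulation experiments verify the feasibility of the method.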

Abstract: This paper analyses the disadvantages of existing intrusion detection technology, discusses the advantages of intrusion detection based on outlier mining, and proposes a new intrusion detection method based on a kernel density estimator, called IDKD. In IDKD, the approximate set of outliers is calculated by the kernel density estimator in one pass over the data set, and the true set of outliers is generated from the approximate set in another pass, thereby detecting the anomalous records. The method is applied to the KDD99 data set and gets satisfactory results.

Key words: intrusion detection, outlier, kernel density estimator, code mapping, principal components analysis
