摘要: 提出一种基于AdaBoost的入侵特征约减算法,利用该算法约减入侵特征中的冗余特征,构造Ada-加权和Ada-域值分类器,并与支持向量机分类器进行对比。设计并实现Linux实时入侵检测实验平台,并将特征约减算法和3种分类方法应用于该平台。实验结果表明,由特征约减算法挑选出来的入侵特征集较优,Ada-加权和Ada-域值分类器的分类效果优于支持向量机分类器,且Ada-域值分类器在测试集上的检测性能最佳。
关键词:
入侵检测,
特征约减,
Ada加权分类器,
Ada域值分类器
Abstract: A reduction algorithm based on AdaBoost is proposed in the paper to reduce the intrusion feature redundancy. With algorithm, two classifiers——Ada weighted-classifier and Ada threshold-classifier are constructed, compared with support vector machine classifier. An Linux IDS experimental platform is designed and implemented, and the algorithm and three classification methods are applied using the platform. Experimental results show that intrusion feature set selected by the feature reduction algorithm is better, and the classification effect of Ada weighted-classifier and Ada threshold-classifier are better than SVM classifier, also the performance of detection Ada threshold-classifier is the best on test set.
Key words:
intrusion detection,
feature reduction,
Ada weighted-classifier,
Ada threshold-classifier
中图分类号:
陶晓玲;王 勇;罗 鹏. 基于AdaBoost特征约减的入侵检测分类方法[J]. 计算机工程, 2008, 34(18): 199-201.
TAO Xiao-ling; WANG Yong; LUO Peng. Classification Method of Intrusion Detection Based on AdaBoost Feature Reduction[J]. Computer Engineering, 2008, 34(18): 199-201.