Abstract: To address the high false negative and false positive rates of Intrusion Detection Systems (IDS), a hybrid intrusion detection model is presented. The model constructs two feature extractors, one based on Kernel Principal Component Analysis (KPCA) and one based on Kernel Independent Component Analysis (KICA), and uses a novel ensemble approach to learn the results produced by the extractors. A distributed neural network then re-learns the ensemble results, which gives the model the capacity to process large-scale data in a distributed manner. A feedback mechanism adjusts the ensemble learning weights of KPCA and KICA to obtain the optimal detection result. The KDD CUP'99 dataset is used in the experiments, and the results show that the model achieves high detection accuracy together with low false negative and false positive rates.
Key words:
intrusion detection,
integration,
Kernel Principal Component Analysis (KPCA),
Kernel Independent Component Analysis (KICA),
distributed neural network
CLC number:
XIE Yu-Xin, LIU Yan-Hang, ZHU Jian-Qi, SUN Xin, FU Feng. Intrusion Detection Model Based on Distributed Integrated Learning[J]. Computer Engineering, 2011, 37(13): 104-106.