摘要： 针对基于支持向量机(SVM)的入侵检测方法检测率低、检测速度慢的问题，提出一种基于快速增量SVM的入侵检测方法 B-ISVM。该方法在确定邻界区后筛选其中的样本进行训练，完成分类超平面的初步构造，利用筛选因子提取支持向量，再进行基于KKT条件的增量学习，实现增量SVM分类器的构造。实验结果表明，该方法可以提高入侵检测率和检测速度，拥有更好的分类性能。

关键词: 入侵检测, 增量支持向量机, K-均值算法, 邻界区, 样本分散度

Abstract: Aiming at the low rate of intrusion detection and the slow detection speed of intrusion detection method based on Support Vector Machine(SVM), this paper proposes a new method named Boundary-Incremental Support Vector Machine(B-ISVM). The boundary areas are identified and samples are screened for training to construct the initial classification hyperplane. The support vector is extracted according to screening factor. And the construction of the incremental SVM classifier is completed through incremental learning based on KKT conditions. Experimental results show that the method can achieve higher rate of intrusion detection and faster detection speed, and it has better classification performance.

Key words: intrusion detection, Incremental Support Vector Machine(ISVM), K-means algorithm, boundary area, sample dispersion

中图分类号: 

• TP309.2