计算机工程 ›› 2012, Vol. 38 ›› Issue (14): 21-25.doi: 10.3969/j.issn.1000-3428.2012.14.006

• 专栏 • 上一篇    下一篇

基于核学习的入侵检测改进方法

周泽寻,蒋 芸,明利特,王明芳,谢国城,李 想   

  1. (西北师范大学数学与信息科学学院,兰州 730070)
  • 收稿日期:2012-01-04 出版日期:2012-07-20 发布日期:2012-07-20
  • 作者简介:周泽寻(1986-),男,硕士研究生,主研方向:数据挖掘,入侵检测;蒋 芸,副教授、博士;明利特、王明芳、谢国城、李 想,硕士研究生
  • 基金项目:

    国家自然科学基金资助项目(61163036, 61163039);甘肃省自然科学基金资助项目(1010RJZA022, 1107RJZA112);西北师范大学第三期知识与创新工程科研骨干基金资助项目(nwnu-kjcxgc- 03-67)

Improved Intrusion Detection Method Based on Kernel Learning

ZHOU Ze-xun, JIANG Yun, MING Li-te, WANG Ming-fang, XIE Guo-cheng, LI Xiang   

  1. (College of Mathematics and Information Science, Northwest Normal University, Lanzhou 730070, China)
  • Received:2012-01-04 Online:2012-07-20 Published:2012-07-20

摘要:

针对入侵检测中部分攻击类型检测率低的问题,提出一种基于核学习的入侵检测改进方法。采用核主成分分析(KPCA)对入侵检测中的高维非线性结构数据集进行数据预处理,通过支持向量数据描述(SVDD)构造分类器,对预处理后的数据进行分类。实验结果表明,与已有方法相比,改进方法的检测精度较高、漏检率较低。

关键词: 核学习, 核主成分分析, 支持向量数据描述, 入侵检测, 异常检测

Abstract:

Due to low detection rate about some attack types in intrusion detection, this paper presents an improved intrusion detection method based on kernel learning. Because of high dimensional and nonlinear structure dataset in intrusion detection, Kernel Principal Component Analysis(KPCA) is presented to preprocess the dataset. The classifier is developed by Support Vector Data Description(SVDD), and the data through preprocessed is applied in the classifier. Experimental results show that the improved method can acquire higher detection precision and lower missed detection rate.

Key words: kernel learning, Kernel Principal Component Analysis(KPCA), Support Vector Data Description(SVDD), intrusion detection, abnormal detection

中图分类号: