计算机工程 ›› 2007, Vol. 33 ›› Issue (01): 153-155.doi: 10.3969/j.issn.1000-3428.2007.01.053

• 安全技术 • 上一篇    下一篇

基于SVM主动学习的入侵检测系统

段丹青1,2,陈松乔1,杨卫平1,2   

  1. (1. 中南大学信息科学与工程学院,长沙 410083;2. 湖南公安高等专科学校计算机科学技术系,长沙 410006)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2007-01-05 发布日期:2007-01-05

Intrusion Detection System Based on Support Vector Machine Active Learning

DUAN Danqing1,2, CHEN Songqiao1, YANG Weiping1,2   

  1. (1. College of Information Science and Engineering, Central South University, Changsha 410083; 2. Department of Computer Science and Technology, Hunan Public Security College, Changsha 410006)
  • Received:1900-01-01 Revised:1900-01-01 Online:2007-01-05 Published:2007-01-05

摘要: 研究在入侵检测中,采用基于支持向量机(SVM)的主动学习算法,解决小样本下的机器学习问题。该文提出了基于SVM主动学习算法的系统框架及适用于入侵检测系统的SVM主动学习算法,讨论了候选样本集的组成比例、候选样本集数量及核函数的不同参数选取对检测结果的影响。通过实验验证,基于SVM主动学习算法与传统SVM算法相比,能有效地减少学习样本数,提高检测精度。

关键词: 入侵检测, 支持向量机, 主动学习

Abstract: Using support vector machine(SVM) active learning in intrusion detection to resolve the problem of machine learning in the small sample size. This paper provides a framework of intrusion detection system based on SVM active learning, and it also provides a SVM active learning algorithm for intrusion detection system, discusses how the composition of the unlabeled sample set, the size of the unlabeled sample set and the parameter of the kernel function affect the accuracy of the SVM. Compared with the traditional SVM self-learning algorithm, the experiment shows active learning algorithm can immensely reduce the number of the training date and efficiently improve the performance of the classifier in intrusion detection system.

Key words: Intrusion detection, Support vector machine(SVM), Active learning