
Computer Engineering ›› 2006, Vol. 32 ›› Issue (18): 122-124. doi: 10.3969/j.issn.1000-3428.2006.18.044

• Security Technology •

Intrusions Detection Using the Ratio of Kernel Central Distance

RAO Xian, LI Bin, YANG Shaoquan

  1. (Institute of Electronic Countermeasures, School of Electronics Engineering, Xidian University, Xi’an 710071)
  • Received: 1900-01-01 Revised: 1900-01-01 Online: 2006-09-20 Published: 2006-09-20

Abstract: Many intrusion detection systems that generalize well take a long time to train. To address this, an intrusion detection method is proposed that requires no training time and still has generalization ability. The kernel method is used to classify intrusion detection data that is not linearly separable, and the block diagram of an intrusion detection system based on the ratio of kernel central distance (RKCD) is presented. Simulation results on system call trace data show that RKCD classification saves training time and also achieves good detection performance.

Key words: Network security, Intrusion detection, Kernel method