摘要: 用于网络入侵检测系统(IDS)的特征(变量)数量太多或太少都会降低IDS识别入侵者的正确率。为解决这一矛盾,提出一种选择最优特征的方法。计算每个特征或组合成的新特征对IDS的“贡献”值,选择少量“贡献”值较大的特征(最优特征)作为IDS识别入侵者的特征,既减少特征数量又基本保留了原始特征组所提供的信息。实验证明该方法实用且识别入侵者的正确率较高。
关键词:
入侵检测系统,
最优特征,
反向传播神经元网络
Abstract: Using too many or too too few characters(variable) in Intrusion Detection System(IDS) leads to reduce recognizing correctness of IDS. To resolve the contradiction and to improve the whole performance of IDS, an approach of choosing optimal characters used to IDS is presented. With the approach, new characters made of original characters, “contributions” of new characters for recognizing intruders are computed, and the characters with larger “contributions” value are chosen as the characters of IDS. Number of the characters used to IDS is reduced, and the information belonging to original characters are kept largely to improve recognizing correctness. The characters with larger “contributions” are optimal characters. Tests show that the approach is useful.
Key words:
Intrusion Detection System(IDS),
optimal character,
Back Propagate(BP) neural network
中图分类号:
王树, 杜启军, 余桂贤, 余生晨, 李广平, 徐亚飞3, 薛阳, 王晓伟. 网络入侵检测系统的最优特征选择方法[J]. 计算机工程, 2010, 36(15): 140-141,144.
Wang-Shu, DU Qi-Jun, TU Gui-Xian, TU Sheng-Chen, LI An-Beng, XU E-Fei-3, XUE Yang, WANG Xiao-Wei. Method of Choosing Optimal Characters for Network Intrusion Detection System[J]. Computer Engineering, 2010, 36(15): 140-141,144.