摘要: 针对现有入侵检测算法误报率较高和鲁棒性较差的问题,提出一种基于稀疏表示的协同入侵检测算法。通过构建正常类和攻击类训练字典获取类别内在本质特征,结合子空间结构理论计算重构误差,从而判定测试样本类别。实验结果表明,该算法能保证较高的检测率和较低的误报率,对不平衡数据集有较好的鲁棒性,对正常行为和异常行为有较好的区分度。
关键词:
稀疏表示,
子空间,
重构误差,
入侵检测算法
Abstract: Aiming at the high alarm rate and poor robustness in the existing intrusion detection algorithms, this paper proposes a cooperative intrusion detection algorithm based on sparse representation. The algorithm trains the dictionary for the normal class and attack class, to capture the intrinsic nature of the class characteristics. With the theory of subspace structure, determines the class of test samples according to the error of sparse reconstruction. Experimental results demonstrate that it can guarantee higher detection rate and low false alarm rate, it has good robustness in the imbalanced dataset experiment and has a good degree of differentiation for normal behavior and unusual behavior.
Key words:
sparse representation,
subspace,
reconstruction error,
intrusion detection algorithm
中图分类号:
崔保良, 滕少华, 崔振. 基于稀疏表示的协同入侵检测算法[J]. 计算机工程, 2011, 37(16): 135-137.
CUI Bao-Liang, TENG Shao-Hua, CUI Zhen. Cooperative Intrusion Detection Algorithm Based on Sparse Representation[J]. Computer Engineering, 2011, 37(16): 135-137.