作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2012, Vol. 38 ›› Issue (06): 158-160. doi: 10.3969/j.issn.1000-3428.2012.06.052

• 安全技术 • 上一篇    下一篇

基于Tri-training的入侵检测算法

邬书跃 1,2,余 杰 3,樊晓平 1   

  1. (1. 中南大学信息科学与工程学院,长沙 410083;2. 湖南涉外经济学院电气与信息工程学院,长沙 410205;3. 国防科技大学计算机学院,长沙 410073)
  • 收稿日期:2011-07-08 出版日期:2012-03-20 发布日期:2012-03-20
  • 作者简介:邬书跃(1963-),男,教授,主研方向:网络安全,移动通信;余 杰,博士;樊晓平,博士、博士生导师
  • 基金资助:

    国家自然科学基金资助项目(61103015);湖南省自然科学基金资助项目(09JJ5043)

Intrusion Detection Algorithm Based on Tri-training

WU Shu-yue 1,2, YU Jie 3, FAN Xiao-ping 1   

  1. (1. School of Information Science and Engineering, Central South University, Changsha 410083, China; 2. Institute of Electrical and Information Engineering, Hunan International Economics University, Changsha 410205, China; 3. School of Computer, National University of Defense Technology, Changsha 410073, China)
  • Received:2011-07-08 Online:2012-03-20 Published:2012-03-20

摘要: 半监督的双协同训练要求划分出的2个数据向量相互独立,不符合真实的网络入侵检测数据特征。为此,提出一种基于三协同训练(Tri-training)的入侵检测算法。使用大量未标记数据,通过3个分类器对检测结果进行循环迭代训练,避免交叉验证。仿真实验表明,在少量样本情况下,该算法的检测准确度比SVM Co-training算法提高了2.1%,并且随着循环次数的增加,其性能优势更加明显。

关键词: 入侵检测, 小样本, 支持向量机, 半监督, 双协同训练, 三协同训练

Abstract: The Co-training method requires the independence of two data vectors, which is far from the characteristic of real dataset in network intrusion detection. This paper proposes a intrusion detection method based on Tri-training. It exploits the large amount of unlabeled data, and increases the detection accuracy and stability by Co-training three classifiers. Simulation results show that this method is 2.1% more accurate than the SVM Co-training method, and it performs better with the increase of the loop number.

Key words: intrusion detection, small-sample, Support Vector Machine(SVM), semi-supervised, Co-training, Tri-training

中图分类号: