摘要： 采用改进的二进制粒子群优化进行入侵特征子集选择，粒子群中每个粒子代表一个选择的特征子集，结合支持向量机使用该特征子集所对应的数据集进行分类，正确分类结果作为该粒子的适应度，通过粒子群优化实现最优入侵特征选择。改进的BPSO 方法中通过引入粒子群依概率整体变异来避免陷入局部最优，同时采用粒子禁忌搜索列表来扩大粒子搜索范围和避免重复计算；SVM 中采用基于粒度的网格搜索来获得最优核参数。最后用KDD 99 标准数据集进行实验研究，结果表明该方法能获得满意的检测效果。

关键词: 二进制粒子群优化；支持向量机；异常检测；特征选择

Abstract: In the proposed algorithm, every particle in the swarm stands for a selected subset of features. The fitness of particle is defined as the correct classification percentage by SVM using a training set whose patterns are represented using only the selected subset of features. Thus through particle swarm optimization to achieve intrusion feature selection and classification. A probabilistic mutation of BPSO is adopted to avoid local optimal and a tabu search table is used to enlarge particle swarm’s search space and avoid repeated computation. The results of experiment demonstrate that applying a hybrid of BPSO-SVM in intrusion detection System can be an effective way for feature selection and detecting intrusions via using the data sets of KDD cup 99.

Key words: Binary particle swarm optimization(BPSO); Support vector machines(SVM); Anomaly detection; Feature selection