Abstract:
To reduce the long training time required by most intrusion detection systems that generalize well, a new intrusion detection method using the ratio of kernel central distance (RKCD) is presented; it needs no training time and has good generalization ability. Nonlinearly separable intrusion data is classified using the kernel method. The framework of the system using RKCD is then introduced. Simulation results on system call traces show that the method performs well while also saving training time.
Key words:
Network security,
Intrusion detection,
Kernel method
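Abstract: To address the long training time of many current intrusion detection systems with strong generalization ability, an intrusion detection method is proposed that requires no training time while still generalizing well. The method uses the kernel method to neatly classify intrusion detection data that is not linearly separable, and a block diagram for intrusion detection using the ratio of kernel central distance is presented. Simulation results on system call trace data show that the ratio of kernel central distance classifier not only saves training time but also achieves fairly good detection performance.
Key words:
Network security,
Intrusion detection,
Kernel method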
RAO Xian; LI Bin; YANG Shaoquan. Intrusions Detection Using the Ratio of Kernel Central Distance[J]. Computer Engineering, 2006, 32(18): 122-124.
饶 鲜;李 斌;杨绍全. Intrusion Detection Based on the Ratio of Kernel Central Distance[J]. Computer Engineering, 2006, 32(18): 122-124.