| 基于支持向量机的入侵检测研究 |
| |
| 引用本文: | 戴天虹,王克奇,杨少春. 基于支持向量机的入侵检测研究[J]. 中国安全科学学报, 2008, 18(4): 126-130 |
| |
| 作者姓名: | 戴天虹 王克奇 杨少春 |
| |
| 作者单位: | 东北林业大学机电工程学院,哈尔滨,150040 |
| |
| 摘 要: | 根据入侵检测和支持向量机的特点,提出基于最小二乘支持向量机异常检测方法,并建立基于支持向量机入侵检测的模型,对网络数据进行采集,提取特征,进行分类,分辨正常的数据和异常的数据。并在KDD CUP'99标准入侵检测数据集上进行实验,选取data_10_percent子集,把该数据集中的41个属性作为特征,将该子集最后一个属性label属性为:back,ipsweep,neptun,ports-weep和normal各200个数据进行测试。实证表明:该方法能获得较高检测率和较低误警率。
|
| 关 键 词: | 支持向量机(SVM) 入侵检测系统(IDS) 网络安全 异常检测 特征抽取 |
| 文章编号: | 1003-3033(2008)04-0126-05 |
| 修稿时间: | 2008-01-28 |
Intrusion Detection Research Based on Support Vector Machine |
| |
| DAI Tian-hong,WANG Ke-qi,YANG Shao-chun. Intrusion Detection Research Based on Support Vector Machine[J]. China Safety Science Journal, 2008, 18(4): 126-130 |
| |
| Authors: | DAI Tian-hong WANG Ke-qi YANG Shao-chun |
| |
| Abstract: | According to the traits of intrusion detection and support vector machines,an abnormal detection method was presented based on the least-squares Support Vector Machine,and an intrusion detection model was built based on support vector machine,which was used for the network data collection,feature extraction,data classification and distinguishing between normal data and abnormal data.A test was conducted on the intrusion detection data of KDD CUP'99 standards by selecting the subset of data_10_percent;the 41 attributes of this subset were taken as the characteristics,and the final attribute of this subset was labeled as back,ipsweep,neptun,portsweep and normal.200 data of each kind was respectively tested.The result shows that this method can obtain a higher detection rate and a lower false warning rate. |
| |
| Keywords: | support vector machine(SVM) intrusion detection system(IDS) network security abnormal detection feature extraction. |
| 本文献已被 维普 万方数据 等数据库收录! |
|
