基于MI与SVM的网络入侵检测方法研究
|
摘要
计算机网络的发展也带来了网络安全威胁问题,采用网络入侵检测的方法能有效防范网络攻击。提出了基于互信息MI与支持向量机SVM算法的入侵检测方法。MI算法对高维的数据集进行特征选择,实现数据降维,提高入侵检测效率;SVM算法实现网络连接行为的分类,判别攻击行为。理论分析与实验结果表明,基于MI与SVM的方法能有效地提高检测效率并获得较高的分类准确率。
The Cyber security threats have emerged with development of computer network. The method of network intrusion detection can effectively prevent network attack. An intrusion detection method based on support vector machine mutual information MI and SVM algorithm is proposed in this paper. MI algorithm can Execute transaction of the high dimensional dataset's feature selection. The goal of MI algorithm is to reduce the dimension of the high dimensional dataset and improves the intrusion detection efficiency. The SVM algorithm realizes the classification of the network connection behavior and detects the attack behavior. The experimental results and theoretical analysis of the algorithms show that the method of intrusion detection based on MI and SVM can effectively improve the detection efficiency and obtain a higher classification accuracy.
The Cyber security threats have emerged with development of computer network. The method of network intrusion detection can effectively prevent network attack. An intrusion detection method based on support vector machine mutual information MI and SVM algorithm is proposed in this paper. MI algorithm can Execute transaction of the high dimensional dataset's feature selection. The goal of MI algorithm is to reduce the dimension of the high dimensional dataset and improves the intrusion detection efficiency. The SVM algorithm realizes the classification of the network connection behavior and detects the attack behavior. The experimental results and theoretical analysis of the algorithms show that the method of intrusion detection based on MI and SVM can effectively improve the detection efficiency and obtain a higher classification accuracy.
引文
[1]Denning D E.An Intrusion-Detection Model[J].IEEE Transactions on Software Engineering,1987,13(2):222-232.
[2]Cortes C,Vapnik V.Support-vector Networks[J].Machine Learning,1995,20(3):273-297.
[3]李振刚,甘泉.改进蚁群算法优化SVM参数的网络入侵检测模型研究[J].重庆邮电大学学报(自然科学版),2014,26(6):785-789.
[4]马占飞,陈虎年,杨晋,等.一种基于IPSO-SVM算法的网络入侵检测方法[J].计算机科学,2018,45(2):231-235,260.
[5]袁开银,费岚.混合粒子群优化算法选择特征的网络入侵检测[J].吉林大学学报(理学版),2016,54(2):309-314.
[6]Kumar S.Classification and Detection of Computer Intrusions[D].West Lafayette:Purdue University,1995.
[7]Stafford W S N.Support Vector Nachine Applications in Computational Biology[J].Kernel Methods in Computational Biology,2004(1):71-92.
[8]徐温雅.基于机器学习的网络入侵检测研究[D].北京:北京交通大学(硕士学位论文),2018.
[9]解男男.机器学习方法在入侵检测中的应用研究[D].长春:吉林大学(博士学位论文),2015.
[10]黄会群,孙虹.粒子群选择特征和信息增益确定特征权值的入侵检测[J].计算机应用,2014,34(6):1686-1688.
[11]戴远飞,陈星,陈宏,等.基于特征选择的网络入侵检测方法[J].计算机应用研究,2017,34(8):2429-2433.
[12]丁宣宣,郭渊博.基于随机最小冗余条件互信息和支持向量机的混合入侵检测特征选择[J].计算机应用与软件,2017,34(11):295-301.
[13]刘大莲.大规模稀疏支持向量机算法研究[D].北京:北京交通大学(博士学位论文),2017.
[14]张蕾,崔勇,刘静,等.机器学习在网络空间安全研究中的应用[J].计算机学报,2018,41(9):1943-1975.
[2]Cortes C,Vapnik V.Support-vector Networks[J].Machine Learning,1995,20(3):273-297.
[3]李振刚,甘泉.改进蚁群算法优化SVM参数的网络入侵检测模型研究[J].重庆邮电大学学报(自然科学版),2014,26(6):785-789.
[4]马占飞,陈虎年,杨晋,等.一种基于IPSO-SVM算法的网络入侵检测方法[J].计算机科学,2018,45(2):231-235,260.
[5]袁开银,费岚.混合粒子群优化算法选择特征的网络入侵检测[J].吉林大学学报(理学版),2016,54(2):309-314.
[6]Kumar S.Classification and Detection of Computer Intrusions[D].West Lafayette:Purdue University,1995.
[7]Stafford W S N.Support Vector Nachine Applications in Computational Biology[J].Kernel Methods in Computational Biology,2004(1):71-92.
[8]徐温雅.基于机器学习的网络入侵检测研究[D].北京:北京交通大学(硕士学位论文),2018.
[9]解男男.机器学习方法在入侵检测中的应用研究[D].长春:吉林大学(博士学位论文),2015.
[10]黄会群,孙虹.粒子群选择特征和信息增益确定特征权值的入侵检测[J].计算机应用,2014,34(6):1686-1688.
[11]戴远飞,陈星,陈宏,等.基于特征选择的网络入侵检测方法[J].计算机应用研究,2017,34(8):2429-2433.
[12]丁宣宣,郭渊博.基于随机最小冗余条件互信息和支持向量机的混合入侵检测特征选择[J].计算机应用与软件,2017,34(11):295-301.
[13]刘大莲.大规模稀疏支持向量机算法研究[D].北京:北京交通大学(博士学位论文),2017.
[14]张蕾,崔勇,刘静,等.机器学习在网络空间安全研究中的应用[J].计算机学报,2018,41(9):1943-1975.