Bayesian Situation Element Extraction Based on Information Gain
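  • English title: A Method Using Information Gain and Naive Bayes to Extract Network Situation Information
  • Authors: 戚犇; 王梦迪
  • Authors (English): QI Ben; WANG Mengdi; College of Information Technology and Network Security, People's Public Security University of China
  • Keywords: situational awareness; situation extraction; Naive Bayes; information gain
  • Keywords (English): situational awareness; situational extraction; Naive Bayes; information gain
  • Journal (Chinese title code): XXAQ
  • Journal (English title): Netinfo Security
  • Institution: College of Information Technology and Network Security, People's Public Security University of China
  • Publication date: 2017-09-10
  • Publisher: 信息网络安全 (Netinfo Security)
  • Year: 2017
  • Issue: No.201
  • Funding: National Natural Science Foundation of China [61602489]; National Key Special Project "Cyberspace Security" [SQ2017YFGX110081-04]; CERNET Next Generation Internet Technology Innovation Project [NGII20160405]
  • Language: Chinese
  • Pages: XXAQ201709014
  • Page count: 4
  • CN: 09
  • ISSN: 31-1859/TN
  • Classification number: 62-65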
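Abstract
To address the extraction, reduction and classification of network security situation elements, the paper computes the information gain of each attribute in the collected network data, reduces the attribute set on that basis, and uses the information gain to set weights, obtaining strongly correlated situation factors. For the classification of security situation factors with Naive Bayes, the Naive Bayes algorithm is improved by adding a regulating factor, which improves classification performance and enables the detection of malicious attacks. Finally, the improved method is tested on an intrusion detection data set and the results are compared with those of the traditional method, showing better performance.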
Network security situational factors of extraction exist some problems in reduction and classification. We collect network data to obtain the strong correlation between situational factors through setting up right value. Through the improvement of naive bayesian analysis, the detection of malicious attack was realized. This paper tries to experiment with the intrusion detection data set, and compares the traditional method to the better effect.
