基于QPSO算法的异常检测方法

在入侵检测系统中,将正常状态与异常状态区分开来,是目前所面临的一个难点。针对这一问题,提出了在异常检测中运用量子粒子群算法(QPSO)对隶属度函数参数进行优化的方法。把隶属度函数里的参数组合当作一个粒子,在粒子的迭代进化中运用模糊数据挖掘的技术,可以搜索到最佳的参数组合,最大限度地把正常状态和异常状态区分开来,提高了异常检测的准确性,并通过实验验证了这一方法的可行性。     

基于数学形态学的模糊异常点检测

异常点检测作为数据挖掘的一项重要任务,可能会导致意想不到的知识发现.但传统的异常点检测技术都忽略了数据的自然结构,即异常点与簇的联系.然而,把异常点得分和聚类方法结合起来有利于对异常点与簇的联系的研究.提出基于数学形态学的模糊异常点检测与分析,把数学形态学技术和基于连接的异常点检测方法集成到一个模糊模型中,从异常隶属度和模糊隶属度这两个方面来分析对象与簇集的模糊关系.通过充分的实验证明,该算法能够对复杂面状和变密度的数据集,正确、高效地找出异常点,同时发现与异常点相关联的簇信息,探索异常点与簇核的关联深度,对异常点本身的意义具有启发作用.     

基于CHC遗传模型的数量属性模糊划分

提出一种基于跨世代异物种重组大变异遗传模型的数量属性模糊划分方法,采用实数编码和PNX交叉算子,通过设定阈值重新初始化算子,以模糊1-频繁项的支持度、三角形隶属度函数对数量属性取值范围的覆盖率以及隶属度函数间的重叠度为优化目标,通过遗传进化自动确定数量属性的模糊划分区间。实验结果表明该方法缩短了进化所需时间,所得最优个体的适应度值较高。     

基于CHC遗传模型的数量属性模糊划分

提出一种基于跨世代异物种重组大变异遗传模型的数量属性模糊划分方法,采用实数编码和PNX交叉算子,通过设定阈值重新初始化算子,以模糊1-频繁项的支持度、三角形隶属度函数对数量属性取值范围的覆盖率以及隶属度函数间的重叠度为优化目标,通过遗传进化自动确定数量属性的模糊划分区间。实验结果表明该方法缩短了进化所需时间,所得最优个体的适应度值较高。     

基于改进的FCM算法的入侵检测研究

随着计算机网络的不断发展,网络信息安全成为人们越来越关注的一个方面.入侵检测是提高网络信息安全的一个重要手段.为了提高入侵检测的效率,文中在提出了一种基于隶属关系不确定的模糊聚类算法.该算法在迭代过程中为目标函数创建了一个不确定性隶属度和一个相对性隶属度,使样本中的元素不仅仅局限于一个聚类.通过在数据集上的实验,验证了该算法在数据挖掘入侵检测中的检测率高于一般的K均值算法和模糊聚类算法.证明该方法在模糊事件的情况下,会提高正确的聚类结果.     

自适应神经网络模糊推理系统最优参数的研究

模糊规则的提取和隶属度函数的学习是模糊系统设计中重要而困难的问题。自适应神经网络模糊推理系统（ANFIS）能基于数据建模，无须专家经验，自动产生模糊规则和调整隶属度函数。在建立一个初始系统进行训练时，其隶属度函数的类型、隶属度函数的数日以及训练次数都是待定的，这三个参数的选择直接影响系统训练后的效果，它们的确定方法有待研究。该文应用自适应神经网络模糊推理系统的方法对一个典型系统进行建模仿真，并阐述这三个参数的寻优方法。     

入侵检测中的模糊数据挖掘技术

本文论述了模糊数据挖掘技术在入侵检测中的应用，详细描述了利用审计数据挖掘模糊相联规则的算法，给出了相联规则集合相似度的函数，最后给出了利用它进行异常检测的简单的试验结果，结果表明利用模糊数据挖掘可以识别系统的异常行为。     

FRBF神经网络分类器设计新方法

提出了一种结合模糊径向基函数网络和稀疏V-SVM的二分类器构建方法。FRBF初始网络中的RBF隶属度函数中心由随机抽取的样本确定,而RBF隶属度函数的宽度由样本各个属性的分布方差确定。根据FRBF网络输出为模糊基函数线性组合的特点,在后件参数学习中引入具有结构风险最小化和属性选择功能的稀疏V-SVM方法,在对输出层的参数进行学习的同时进行模糊基函数的约简。若干UCI标准数据集分类测试结果验证了该分类器的有效性。     

一种新的模糊支持向量机

基于类中心设计隶属度函数的模糊支持向量机能有效地解决支持向量机对噪声或孤立点敏感度高的问题,但是,由于它对支持向量赋予较小的隶属度,从而降低了其分类作用。基于此,提出一种新的隶属度函数设计方法;同时,针对模糊支持向量机普遍存在因核函数计算量大,而导致训练时间长的问题,通过使用一种高效的截集模糊C-均值聚类方法对训练样本进行聚类,然后以聚类中心作为样本进行训练,以减少训练样本来提高训练速度。根据上述新的隶属度函数设计方法和截集模糊C-均值聚类方法,构建了一种基于截集模糊C-均值聚类并改进了隶属度函数的模糊支持向量机,数值试验表明这种新的模糊支持向量机有效地提高了训练速度和分类精度。     

一种Vague集转化为Fuzzy集的方法

已存在的Vague集向Fuzzy集转化的多种模型都存在着一定缺陷。论文从另一种角度探讨了Vague集到Fuzzy集的转化,它把模糊隶属度看成是参数k的函数,这样在计算模糊隶属度时,只需给定满足条件的参数k即可;另一方面,在进行模糊信息处理时,会遇到一些不确定因素,如果所得到的模糊隶属度与实际结果有些偏差,可根据参数k的数学性质有目的地调整k,而不必去重新建立方法模型,因此,此方法比已存在方法灵活,适用;文章也对已有的转化方法与所提模型进行了比较,说明了所提模型的正确性及有效性。     

基于模糊数据挖掘和遗传算法的网络入侵检测技术

文章通过开发一套新的网络入侵检测系统来证实应用模糊逻辑和遗传算法的数据挖掘技术的有效性;这个系统联合了基于模糊数据挖掘技术的异常检测和基于专家系统的滥用检测,在开发异常检测的部分时,利用模糊数据挖掘技术来从正常的行为存储模式中寻找差异,遗传算法用来调整模糊隶属函数和选择一个合适的特征集合,滥用检测部分用于寻找先前行为描述模式,这种模式很可能预示着入侵,网络的通信量和系统的审计数据被用做两个元件的输入;此系统的系统结构既支持异常检测又支持滥用检测、既适用于个人工作站又可以适用于复杂网络。     

A multi-level ant-colony mining algorithm for membership functions

Fuzzy data mining is used to extract fuzzy knowledge from linguistic or quantitative data. It is an extension of traditional data mining and the derived knowledge is relatively meaningful to human beings. In the past, we proposed a mining algorithm to find suitable membership functions for fuzzy association rules based on ant colony systems. In that approach, precision was limited by the use of binary bits to encode the membership functions. This paper elaborates on the original approach to increase the accuracy of results by adding multi-level processing. A multi-level ant colony framework is thus designed and an algorithm based on the structure is proposed to achieve the purpose. The proposed approach first transforms the fuzzy mining problem into a multi-stage graph, with each route representing a possible set of membership functions. The new approach then extends the previous one, using multi-level processing to solve the problem in which the maximum quantities of item values in the transactions may be large. The membership functions derived in a given level will be refined in the subsequent level. The final membership functions in the last level are then outputted to the rule-mining phase to find fuzzy association rules. Experiments are also performed to show the performance of the proposed approach. The experimental results show that the proposed multi-level ant colony systems mining approach can obtain improved results.     

A continuous ant colony system framework for fuzzy data mining

The goal of data mining is to find out interesting and meaningful patterns from large databases. In some real applications, many data are quantitative and linguistic. Fuzzy data mining was thus proposed to discover fuzzy knowledge from this kind of data. In the past, two mining algorithms based on the ant colony systems were proposed to find suitable membership functions for fuzzy association rules. They transformed the problem into a multi-stage graph, with each route representing a possible set of membership functions, and then, used the any colony system to solve it. They, however, searched for solutions in a discrete solution space in which the end points of membership functions could be adjusted only in a discrete way. The paper, thus, extends the original approaches to continuous search space, and a fuzzy mining algorithm based on the continuous ant approach is proposed. The end points of the membership functions may be moved in the continuous real-number space. The encoding representation and the operators are also designed for being suitable in the continuous space, such that the actual global optimal solution is contained in the search space. Besides, the proposed approach does not have fixed edges and nodes in the search process. It can dynamically produce search edges according to the distribution functions of pheromones in the solution space. Thus, it can get a better nearly global optimal solution than the previous two ant-based fuzzy mining approaches. The experimental results show the good performance of the proposed approach as well.     

基于遗传优化与模糊规则挖掘的异常入侵检测

提出一种基于智能体进化计算框架与遗传模糊规则挖掘的异常入侵检测方法.通过应用模糊集分布策略、解释性的控制策略和模糊规则生成策略,实现了Agent之间的模糊集信息交换,从而有效地从网络数据中抽取正确的、可解释的模糊IF-THEN分类规则,优化了模糊系统的可解释性,并提高了系统的紧凑性.采用KDD-Cup99数据集进行测试,并与现有方法进行了比较,结果表明该方法对R2L的攻击检测性能稍弱,对DoS、Probe和U2R的攻击均具有较高的分类精度与较低的误报率.     

Genetic-fuzzy mining with multiple minimum supports based on fuzzy clustering

Data mining is the process of extracting desirable knowledge or interesting patterns from existing databases for specific purposes. Most of the previous approaches set a single minimum support threshold for all the items and identify the relationships among transactions using binary values. In real applications, different items may have different criteria to judge their importance. In the past, we proposed an algorithm for extracting appropriate multiple minimum support values, membership functions and fuzzy association rules from quantitative transactions. It used requirement satisfaction and suitability of membership functions to evaluate fitness values of chromosomes. The calculation for requirement satisfaction might take a lot of time, especially when the database to be scanned could not be totally fed into main memory. In this paper, an enhanced approach, called the fuzzy cluster-based genetic-fuzzy mining approach for items with multiple minimum supports (FCGFMMS), is thus proposed to speed up the evaluation process and keep nearly the same quality of solutions as the previous one. It divides the chromosomes in a population into several clusters by the fuzzy k-means clustering approach and evaluates each individual according to both their cluster and their own information. Experimental results also show the effectiveness and the efficiency of the proposed approach.     

An improved approach to find membership functions and multiple minimum supports in fuzzy data mining

Fuzzy mining approaches have recently been discussed for deriving fuzzy knowledge. Since items may have their own characteristics, different minimum supports and membership functions may be specified for different items. In the past, we proposed a genetic-fuzzy data-mining algorithm for extracting minimum supports and membership functions for items from quantitative transactions. In that paper, minimum supports and membership functions of all items are encoded in a chromosome such that it may be not easy to converge. In this paper, an enhanced approach is proposed, which processes the items in a divide-and-conquer strategy. The approach is called divide-and-conquer genetic-fuzzy mining algorithm for items with Multiple Minimum Supports (DGFMMS), and is designed for finding minimum supports, membership functions, and fuzzy association rules. Possible solutions are evaluated by their requirement satisfaction divided by their suitability of derived membership functions. The proposed GA framework maintains multiple populations, each for one item’s minimum support and membership functions. The final best minimum supports and membership functions in all the populations are then gathered together to be used for mining fuzzy association rules. Experimental results also show the effectiveness of the proposed approach.     

模糊数据挖掘和遗传算法在入侵检测中的应用

论述了数据挖掘和遗传算法在入侵检测中的应用，详细描述了模糊关联规则和模糊频繁序列挖掘，并进一步介绍了如何采用遗传算法优化模糊集合隶属函数，从而达到改善入侵检测系统性能的目的。     

Power quality time series data mining using S-transform and fuzzy expert system

This paper presents a new approach for power quality time series data mining using S-transform based fuzzy expert system (FES). Initially the power signal time series disturbance data are pre-processed through an advanced signal processing tool such as S-transform and various statistical features are extracted, which are used as inputs to the fuzzy expert system for power quality event detection. The proposed expert system uses a data mining approach for assigning a certainty factor for each classification rule, thereby providing robustness to the rule in the presence of noise. Further to provide a very high degree of accuracy in pattern classification, both the Gaussian and trapezoidal membership functions of the concerned fuzzy sets are optimized using a fuzzy logic based adaptive particle swarm optimization (PSO) technique. The proposed hybrid PSO-fuzzy expert system (PSOFES) provides accurate classification rates even under noisy conditions compared to the existing techniques, which show the efficacy and robustness of the proposed algorithm for power quality time series data mining.     

An ACS-based framework for fuzzy data mining

Data mining is often used to find out interesting and meaningful patterns from huge databases. It may generate different kinds of knowledge such as classification rules, clusters, association rules, and among others. A lot of researches have been proposed about data mining and most of them focused on mining from binary-valued data. Fuzzy data mining was thus proposed to discover fuzzy knowledge from linguistic or quantitative data. Recently, ant colony systems (ACS) have been successfully applied to optimization problems. However, few works have been done on applying ACS to fuzzy data mining. This thesis thus attempts to propose an ACS-based framework for fuzzy data mining. In the framework, the membership functions are first encoded into binary-bits and then fed into the ACS to search for the optimal set of membership functions. The problem is then transformed into a multi-stage graph, with each route representing a possible set of membership functions. When the termination condition is reached, the best membership function set (with the highest fitness value) can then be used to mine fuzzy association rules from a database. At last, experiments are made to make a comparison with other approaches and show the performance of the proposed framework.