| 一种基于信息论模型的入侵检测特征提取方法 |
| |
| 引用本文: | 宋勇,蔡志平.一种基于信息论模型的入侵检测特征提取方法[J].电子科技大学学报(自然科学版),2018,47(2):267-271. |
| |
| 作者姓名: | 宋勇 蔡志平 |
| |
| 作者单位: | 1.湖南民族职业学院工程技术系 湖南 岳阳 414000 |
| |
| 基金项目: | 国家自然科学基金601379145 |
| |
| 摘 要: | 在网络入侵检测中,由于原始数据特征维度高和冗余特征多,导致入侵检测系统的存储负担增加,检测分类器性能降低。针对该问题本文提出了一种基于信息论模型的入侵检测特征提取方法。它以具有最大信息增益的特征为搜索起点,利用搜索策略和评估函数迭代调整数据集分类标记、已选取特征子集和候选特征三者之间的相关度,最后通过终止条件确定选取特征子集。以入侵检测样本数据集为实验数据,将该方法选取的特征向量运用到支持向量机分类算法中,在特征维度大幅度降低的情况下,检测精度变化很小。实验结果证明了本方法的有效性。
|
| 关 键 词: | 特征选择 信息熵 入侵检测 互信息 半监督 |
| 收稿时间: | 2017-01-13 |
An Intrusion Detection Feature Extraction Method Based on Information Theory Model |
| |
| Affiliation: | 1.Department of Engineering Technology, Hunan Vocational College for Nationalities Yueyang Hunan 4140002.College of Computer, National University of Defense Technology Changsha 410073 |
| |
| Abstract: | In the network intrusion detection, because of the high dimensionality and redundant features of the original data, the storage burden of the intrusion detection system is increased, and the performance of the classifier is reduced. Aiming at this problem, this paper proposes an intrusion detection feature extraction method based on information theory model. The method starts with the feature of maximum information gain, and then iteratively adjusts the correlation among the classification mark of the data set, selected feature subset and candidate feature by search strategies and evaluation functions. Finally, the feature subset is determined by terminating conditions. In the experiment, we chose sample dataset for intrusion detection as the experimental data, and apply feature vector selected by the method to the support vector machine classification algorithm. It is found that the detection accuracy is almost unchanged, in the case that the dimension of the feature is greatly reduced. The results show the validity of the method. |
| |
| Keywords: | |
|
| 点击此处可从《电子科技大学学报(自然科学版)》浏览原始摘要信息 |
|
点击此处可从《电子科技大学学报(自然科学版)》下载全文 |
