| 一种面向网络入侵检测的特征选择方法 |
| |
| 引用本文: | 赵新星,姜青山,陈路莹,胡海斌.一种面向网络入侵检测的特征选择方法[J].计算机研究与发展,2009,46(Z2). |
| |
| 作者姓名: | 赵新星 姜青山 陈路莹 胡海斌 |
| |
| 作者单位: | 1. 厦门大学软件学院,福建厦门,361005
2. 厦门大学软件学院,福建厦门,361005;成都大学,成都,610106 |
| |
| 基金项目: | 国家自然科学基金项目 |
| |
| 摘 要: | 在网络入侵检测中,不相关或冗余的特征使得检测变得越来越困难,为了提高检测的精度和效率,提出了一种新的网络入侵检测的特征选择方法.该方法首先利用粗糙集理论的特性对特征进行筛选;然后利用遗传算法在解决NP问题上的并行性、鲁棒性和全局优化搜索等特点,在剩余的特征子集中寻找最优子集.考虑到早熟问题会使遗传算法陷入局部最优,采用对种群聚类的方式建立自适应的交叉、变异率,种群个体交叉时在不同的类内随机选择从而保证群体多样性,每次迭代均保留父代的最优个体.在入侵检测的经典数据集KDD CUP 99上检验了算法的有效性,使用SVM分类器对选出的特征子集进行性能评估.实验结果表明,该方法与相关研究对比提高了入侵检测系统的精度和效率.
|
| 关 键 词: | 数据挖掘 入侵检测 特征选择 粗糙集 遗传算法 |
A Feature Selection Method for Network Intrusion Detection |
| |
| Zhao Xinxing,Jiang Qingshan,Chen Luying,Hu Haibin.A Feature Selection Method for Network Intrusion Detection[J].Journal of Computer Research and Development,2009,46(Z2). |
| |
| Authors: | Zhao Xinxing Jiang Qingshan Chen Luying Hu Haibin |
| |
| Abstract: | In the process of intrusion detection,1arge numbers of irrelevant or redundant features make the detection more and more difficult.In this paper,a new feature selection algorithm is proposed.Firstly the features are reduced based on the rough set theory.After that,genetic algorithms are used to find the best subset in the remnant.In order to get the optimum result,clustering is adopted to create adaptive crossing and mutation probability,different kinds are chosen when crossing to guarantee diversity,and the classic individual is kept in every repetition.At last,the classical KDD CUP 99 dataset is used in the intrusion detection experiments and the SVM classifier is used for estimating the validity of our reduced features.Experimental results indicate that the proposed approach can reduce the complexity of intrusion detection system and increase the detection rate comparing with other methods. |
| |
| Keywords: | data mining intrusion detection feature selection rough set genetic algorithm |
| 本文献已被 万方数据 等数据库收录! |
|
