| One-Class分类器及其在异常检测中的应用 |
| |
| 引用本文: | 潘志松,胡谷雨,端义锋.One-Class分类器及其在异常检测中的应用[J].北京邮电大学学报,2004,27(Z2):65-68. |
| |
| 作者姓名: | 潘志松 胡谷雨 端义锋 |
| |
| 作者单位: | 解放军理工大学,指挥自动化学院,南京,210007 |
| |
| 摘 要: | 由于攻击数据难以获取,往往只能得到一类数据,即正常网络数据,这也是模式识别领域的单类问题(one-class)要解决的问题.本文改造了传统的SOM(自组织特征映射)模型,建立了基于SOM的单类分类器,并对其进行了改进.通过对入侵检测标准评估数据集上的测试,在保证总体性能的情况下,模型对选择的3种攻击的平均检测率保持在98%以上,而误报警率在4%左右.
|
| 关 键 词: | 信息安全 入侵检测 自组织特征映射 单类分类器 |
| 文章编号: | 1007-5321(2004)增-0065-04 |
| 修稿时间: | 2004年9月2日 |
One-Class Classification and Its Application in the Abnormal Detection |
| |
| PAN Zhi-song,HU Gu-yu,DUAN Yi-feng.One-Class Classification and Its Application in the Abnormal Detection[J].Journal of Beijing University of Posts and Telecommunications,2004,27(Z2):65-68. |
| |
| Authors: | PAN Zhi-song HU Gu-yu DUAN Yi-feng |
| |
| Abstract: | The present abnormal detection system is designed to set up binary classifier to identify the normal data and the abnormal based on the large amount of history data. We design a one-class classifier which can resolve the one-class problem in IDS(intrusion detection system). One-class classification can build the normal patterns by only using the pure normal network packets. In the experiments, the one-class classifier, based on improved SOM(self-organizing maps) algorithm, gains 98% detection rate and 4% false alarm rate for 3 typical types of attacks, remaining the global performance of the model. |
| |
| Keywords: | intrusion detection system self-organizing maps one-class classifier |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
