| 主成分分析的入侵检测方法研究 |
| |
| 引用本文: | 黄俊,陈光平,凌晓路. 主成分分析的入侵检测方法研究[J]. 中国计量学院学报, 2007, 18(3): 221-224 |
| |
| 作者姓名: | 黄俊 陈光平 凌晓路 |
| |
| 作者单位: | 中国计量学院,信息工程学院,浙江,杭州,310018 |
| |
| 摘 要: | 直接将入侵检测算法应用在粗糙数据上,其入侵检测分析的效率非常低.为解决该问题,提出了一种基于主成分分析的入侵检测方法.该方法通过提取网络连接中的相关信息,对它进行解码,并将解码的网络连接记录与已知的网络连接记录数据进行比较,发现记录中的变化和连接记录分布的主成分,最后将机器学习方法和主成分分析方法结合实现入侵检测.实验结果表明该方法应用到各种不同KDD99入侵检测数据集中可以有效减少学习时间、降低各种数据集的表示空间,提高入侵检测效率.
|
| 关 键 词: | 入侵检测 主成分分析 决策树方法 |
| 文章编号: | 1004-1540(2007)03-0221-04 |
| 修稿时间: | 2007-06-23 |
Intrusion detection based on principal component analysis |
| |
| HUANG Jun,CHEN Guang-ping,LIN Xiao-lu. Intrusion detection based on principal component analysis[J]. Journal of China Jiliang University, 2007, 18(3): 221-224 |
| |
| Authors: | HUANG Jun CHEN Guang-ping LIN Xiao-lu |
| |
| Affiliation: | College of Information Engineering, China Jiliang University, Hangzhou 310018, China |
| |
| Abstract: | Applying the intrusion detecting algorithms directly on rough data for anomaly intrusion detection suffers from very low efficiency. A novel approach based on principal component analysis is conducted. With this approach relevant information was extracted and encoded in a network connection record. One network connection record encoding was compared with a database of network connection records. It captured the variation in a collection of connection records and find the principal components of the distribution of the connection records and detectes the anomaly behaviors efficiently by machine learning approch combined with PCA on the new feature space. Experimental results demonstrate that the approach can decrease the learning time and the space representation of different datasets when applying the methods with a combination with principal component analysis on different KDD99 cup datasets. |
| |
| Keywords: | intrusion detection principal component analysis decision trees |
| 本文献已被 维普 万方数据 等数据库收录! |
|
