|
|||||
|
|
| TCM-KNN网络异常检测算法优化研究 | |
| 引用本文: | 李 洋,郭 莉,陆天波,田志宏.TCM-KNN网络异常检测算法优化研究[J].通信学报,2009,30(7):13-19. |
| 作者姓名: | 李 洋 郭 莉 陆天波 田志宏 |
| 作者单位: | 1. 中国科学院,计算技术研究所,北京,100190;中国科学院,研究生院,北京,100039 2. 中国科学院,计算技术研究所,北京,100190 3. 国家计算机网络应急技术处理协调中心,北京,100029 |
| 基金项目: | 国家重点基础研究发展规划(973计划),国家自然科学基金 |
| 摘 要: | 基于TCM-KNN(transductive confidence machine for K-nearest neighbors)网络异常检测方法,采用过滤器模式的特征选择方法和基于聚类的样本选择方法分别从精简异常检测的特征空间以及选择使用少量高质量的训练样本进行训练,从而高效地对网络异常进行检测.基于著名的KDD Cup 1999数据集的实验表明:这2种优化方法在保证TCM-KNN异常检测算法高检测率和低误报率的前提下,极大地减少了该算法的训练开销和检测开销,因而该轻量级检测方法适用于现实的网络应用环境. |
| 关 键 词: | 网络安全 异常检测 TCM-KNN算法 特征选择 样本选择 |
Research on performance optimizations for TCM-KNN network anomaly detection algorithm |
|
| LI Yang,GUO Li,LU Tian-bo,TIAN Zhi-hong.Research on performance optimizations for TCM-KNN network anomaly detection algorithm[J].Journal on Communications,2009,30(7):13-19. | |
| Authors: | LI Yang GUO Li LU Tian-bo TIAN Zhi-hong |
| Abstract: | Based on TCM-KNN (transductive confidence machine for K-nearest neighbors) algorithm, the filter-based feature selection and cluster-based instance selection methods were used towards optimizing it as a lightweight network anomaly detection scheme, which not only reduced its complex feature space, but also acquired high quality instances for training. A series of experimental results demonstrate the two methods for optimizations are actually effective in greatly reducing the computational costs while ensuring high detection performances for TCM-KNN algorithm. Therefore, the two methods make TCM-KNN be a good scheme for a lightweight network anomaly detection in practice. |
| Keywords: | network security anomaly detection TCM-KNN algorithm feature selection instance selection |
| 本文献已被 万方数据 等数据库收录! | |
| 点击此处可从《通信学报》浏览原始摘要信息 | |
| 点击此处可从《通信学报》下载全文 | |