| 一种半聚类的异常入侵检测算法 |
| |
| 引用本文: | 俞研,黄皓. 一种半聚类的异常入侵检测算法[J]. 计算机应用, 2006, 26(7): 1640-1642 |
| |
| 作者姓名: | 俞研 黄皓 |
| |
| 作者单位: | 南京大学,计算机软件新技术国家重点实验室,江苏,南京,210093;南京大学,计算机科学与技术系,江苏,南京,210093;南京大学,计算机软件新技术国家重点实验室,江苏,南京,210093;南京大学,计算机科学与技术系,江苏,南京,210093 |
| |
| 基金项目: | 国家高技术研究发展计划(863计划);江苏省高技术研究发展计划项目 |
| |
| 摘 要: | 针对基于监督学习的入侵检测算法所面临的训练样本不足的问题,提出了一种结合改进k 近邻法的基于半监督聚类的异常入侵检测算法,利用少量的标记数据改善算法的学习能力,并实现了对新攻击类型的检测。实验结果表明,在标记数据极少的情况下,算法的检测结果明显好于非监督学习的算法,接近于监督学习的检测算法。
|
| 关 键 词: | 入侵检测 半监督聚类 新攻击检测 |
| 文章编号: | 1001-9081(2006)07-1640-03 |
| 收稿时间: | 2006-01-10 |
| 修稿时间: | 2006-01-10 |
An anomaly intrusion detection algorithm based on semi-supervised clustering |
| |
| YU Yan,HUANG Hao. An anomaly intrusion detection algorithm based on semi-supervised clustering[J]. Journal of Computer Applications, 2006, 26(7): 1640-1642 |
| |
| Authors: | YU Yan HUANG Hao |
| |
| Affiliation: | 1. State Key Laboratory for Novel Software Technology, Nanfing University, Nanjing Jiangsu 210093, China; 2. Department of Computer Science and Technology, Nanfing University, Nanjing Jiangsu 210093, China |
| |
| Abstract: | An anomaly intrusion detection algorithm based on semi-supervised clustering along with k-nearest neighbor was presented. It could solve the problem of the insufficiency of training samples that the intrusion detection algorithms based on supervised learning face. The algorithm exploited minimal labeled data to improve its learning capability, and novelty detection could also be carried out. The experiment results manifest that the detection results of the algorithm precedes the one based on unsupervised learning remarkably, and approaches the one based on supervised learning while the labeled data are few. |
| |
| Keywords: | intrusion detection semi-supervised clustering novelty detection |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机应用》浏览原始摘要信息 |
|
点击此处可从《计算机应用》下载全文 |
|
