| 基于非监督学习的入侵分析新方法 |
| |
| 引用本文: | 韦相和,李千目,张宏. 基于非监督学习的入侵分析新方法[J]. 计算机应用研究, 2007, 24(7): 146-150 |
| |
| 作者姓名: | 韦相和 李千目 张宏 |
| |
| 作者单位: | 淮阴师范学院,江苏,淮安,223001;南京理工大学,江苏,南京,210094 |
| |
| 基金项目: | 江苏省教育厅自然科学基金 |
| |
| 摘 要: | 提出一种新的基于非监督学习的入侵分析方法.该方法具有发现未知攻击类型的能力,既可以作为独立的分析方法使用,又可以作为基于数据融合的入侵检测的一个分析引擎.在该方法中,核心非监督学习算法采用最大最小距离算法,同时融合非线性的归一化预处理和非数值型特征的有效编码等技术.与同类方法相比,该方法检测率较高,尤其是对于DoS和Probing两大类攻击效果更好.
|
| 关 键 词: | 入侵检测 非监督学习 机器学习 |
| 文章编号: | 1001-3695(2007)07-0146-05 |
| 修稿时间: | 2006-08-042007-02-26 |
New Intrusion Detection Method Based on Unsupervised Learning |
| |
| WEI Xiang he,LI Qian mu,ZHANG Hong. New Intrusion Detection Method Based on Unsupervised Learning[J]. Application Research of Computers, 2007, 24(7): 146-150 |
| |
| Authors: | WEI Xiang he LI Qian mu ZHANG Hong |
| |
| Abstract: | A new detection method based on unsupervised learning was designed and implemented,which had the ability of discovering unknown kinds of attacks.It could be used not only as an independent analysis method,but also as an IDE(Intrusion Detection Engine) in intrusion detection based on data fusion.In method,max-min distance algorithm was employed as the core clustering algorithm,and some other techniques were also involved,such as nonlinear normalization pretreatment,efficiency coding of non-numerical feature etc.Its detection rate is distinctively higher than that of similar methods under the same experimental conditions,at the same false positive rate,especially for attacks from DoS and Probing. |
| |
| Keywords: | intrusion detection unsupervised learning machine learning |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机应用研究》浏览原始摘要信息 |
|
点击此处可从《计算机应用研究》下载全文 |
|
