摘要
构造了一种基于异构数据距离的径向基核函数,可直接应用于异构的网络数据,并利用实验数据得到修正的基于异构数据距离的径向基核函数(IHVDMRBF),从而减少了支持向量的个数,降低了运算量.采用IHVDMRBF核函数和一对一方法构造了多分类支持向量机来进行网络入侵检测,检测选用美国国防部高级研究计划局入侵检测评测数据.结果表明:与Ambwani方法比较,其检测精度提高了约3%,支持向量个数减少了268个,检测时间缩短了5min;与Lee方法比较,其拒绝服务攻击、远程到本地攻击和普通用户到超级用户攻击的检测精度分别高出73%、19%和3%.
Based on heterogeneous value difference metric (HVDM), a radial basis function (RBF) named HVDM-RBF, was constructed to deal with heterogeneous network data directly. Using the experimental data, an improved HVDM-RBF was obtained as a new kernel function, I-HVDM-RBF, which decreases the number of support vectors and reduces the workload. The multi-class support vector machine was designed to detect network intrusion by using one-against-one method and I-HVDM-RBF. Defense Advanced Research Projects Agency intrusion detection evaluating data was used for detecting. The testing results show that the detection precision is increased by 3%, the number of support vectors and testing time are decreased about 268 and 5 minutes respectively by contrast with the Ambwani method and the detection precisions of denial-of-serve, remote-to-local, and user-to-root attacks are improved about 73%, 19% and 3% respectively compared with the method of Lee, which confirms the good performance of the proposed method.
出处
《西安交通大学学报》
EI
CAS
CSCD
北大核心
2005年第6期562-565,共4页
Journal of Xi'an Jiaotong University
基金
国家重点基础研究发展规划资助项目(2001CB309403)
国家高技术研究发展计划资助项目(2001AA140213).
