摘要
传统入侵检测的特征选择方法不但与评估数据的统计特性有关,还与检测算法有关。提出了一种独立于检测算法的入侵检测特征参数选择方法。该方法以入侵检测模型为基础,信息熵为准则。仿真结果显示出用所选特征参数进行检测,不但保证了检测的正确率,而且提高了检测速度,减小了内存资源的占用。
Feature selection methods for intrusion detection now available are influenced by the statistical characteristics of evaluation data and the detection methods. A feature selection method independent of detection method is presented. The method is based on the intrusion detection model and the entropy is used as the criterion. The simulation results show that it is effective to increase the detection speed and reduce of the memory, without sacrificing the detection correctness by using the selected features based on entropy.
出处
《系统工程与电子技术》
EI
CSCD
北大核心
2006年第4期599-601,610,共4页
Systems Engineering and Electronics
基金
"十五"军事通讯预研资助课题(4100104030)
关键词
网络安全
入侵检测
熵
特征选择
network security
intrusion detection
entropy
feature selection