摘要
实现了一种粗糙集属性约简和支持向量机分类相结合的异常入侵检测方法。针对网络连接记录特征属性高维的特点,采用粗糙集属性约简的方法压缩数据空间,然后采用v-SVM两分类方法处理约简和正规化后的数据。基于DARPA1998数据源的实验表明,与采用全部属性的v-SVM两分类方法相比,该方法具有与之相当的分类精度,但有效地降低了检测时间,减少了存储空间。
This paper presented the implementation of a hybird anomaly intrusion detection technique based on rough set attribute reduction and support vector machine(SVM). According to the high dimension of network records with feature attributes,the rough set attribute reduction approach is firstly utilized to reducing data space and then the υ- SVM algorithm is introduced into processing normalized data set. Experiments on DARPA 1998 data set show that the proposed anomaly detection technique achieves a comparable precise detection rate as the υ-SVM algorithm based on all feature attributes, however, evidently decreases detection time as well as storage space.
出处
《计算机科学》
CSCD
北大核心
2006年第6期64-68,共5页
Computer Science
基金
国家自然科学基金项目(60372039)
"十五"国防预研基金项目(41329080101)资助。
