摘要
论文提出了一种改进的SVM方法并将其运用于计算机系统的异常检测。该方法在特定概率指导下收集有效样本组成缩减集,并采取Bagging机制改善分类效果,它在降低时空代价的同时仍能获得出色的结果。利用DARPA数据进行的检测实验结果表明,该改进SVM方法在入侵检测应用中具有良好的性能,且优于原SVM方法。
An improved SVM method and its application in anomaly detection of computer system are put forward in this article, In the method, effective records are collected with the guidance of specific probabilities to form reduced training set and ensembles with bagging are adopted to improve classifying. It gains great results and meanwhile cuts down the cost. The testing results on DARPA dataset show that this method can achieve good performance in intrusion detection and works better than original SVM methods.
出处
《信息安全与通信保密》
2006年第12期139-141,共3页
Information Security and Communications Privacy
关键词
入侵检测
异常检测
支持向量机
缩减训练集
Intrusion Detection
Anomaly Detection
Support Vector Machine
Reduced Training Set