Abstract
Support vector machines, a recent development in statistical learning theory, have good learning performance and generalization ability when the sample size is small. This paper uses process call sequences as audit data and applies a support vector machine to network intrusion detection, training on a limited set of samples and detecting unknown samples. It also studies how the choice of kernel function and the number of training samples affect detection accuracy. Simulation experiments show that the method achieves high detection accuracy.
Source
《计算技术与自动化》
2006, Issue 4, pp. 119-122 (4 pages)
Computing Technology and Automation
Keywords
process call sequence
support vector machine
intrusion detection
kernel function