摘要
提出了一种基于TCM-KNN的网络异常检测新方法,并采用遗传算法选择使用少量高质量的训练样本进行建模,从而有效地对入侵进行检测。大量基于著名的KDD Cup 1999数据集的实验表明:其相对于传统的异常检测方法在保证较高检测率的前提下,有效地降低了误报率;并且,在采用选择后的训练集优化处理后,其性能没有明显的削减,因而相对于传统方法更为适用于现实的网络应用环境。
A network anomaly detection scheme based on TCM-KNN algorithm was proposed. Moreover, genetic algorithm (GA) based instance selection was introduced to boost the detection performance, meanwhile reduce the computational cost for TCM-KNN. A series of experimental results demonstrate the proposed method is effective, the instance selection mechanism also improves TCM-KNN and makes it be a good candidate for anomaly detection in practice.
出处
《通信学报》
EI
CSCD
北大核心
2007年第12期48-52,共5页
Journal on Communications
基金
国家重点基础研究发展计划("973"计划)基金资助项目(2007CB311100)~~
