基于改进NB分类方法的网络异常检测模型被引量：2

Network Anomaly Detection Model Based on Improved Nave Bayesian Classifier

下载PDF

导出

摘要随着计算机网络和分布式应用的复杂化和多样化,智能化网络异常检测技术逐渐成为有效监测和控制系统的重要方法。该文提出基于改进NB分类方法的网络异常检测算法,采用互信息的方法对网络属性进行关键特征提取。实验结果表明,该异常检测方法对DoS和Probing类攻击的检测率较高,具有较低的虚警率。 Due to the diversity and quickly growth of modem network and distributed systems, intelligent anomaly detection can play an important role in monitoring and controlling network systems. This paper presents a network anomaly detection model based on enhanced Nal＇ve Bayesian classifier. Mutual information in information theory is used as basis of the algorithm of feature selection. Experimental results show that the network anomaly detection model performs better in detection of DoS and probing attack, and has lower false positive.

作者宿娇娜李程李巍唐发根李云春

机构地区北京航空航天大学计算机学院

出处《计算机工程》 CAS CSCD 北大核心 2008年第5期148-149,152,共3页 Computer Engineering

基金国家"863"计划基金资助项目"支持大规模分布式网络应用的自主计算环境的研究"(2003AA115230)

关键词网络异常检测朴素贝叶斯分类方法特征选择互信息 network anomaly detection Naive Bayesian classifier feature selection mutual information

分类号 TP309 [自动化与计算机技术—计算机系统结构]

引文网络
相关文献

参考文献13

1Gavalas D, Greenwood D, Ghanbari M. Advanced Network Monitoring Applications Based on Mobile/Intelligent Agent Technology[J]. Computer Communications, 2002, 34(23): 720-730.
2Tagliaferri R, Eleuteri A, Meneganti M, et al, Fuzzy Min-max Neural Network: From Classification to Regression[J]. Soft Computing, 2001, 4(5): 69-76.
3Basseville M,. Nikiforov I V. Detection of Abrupt Changes Theory and Application[M]. New York: Prentice Hall, 1993.
4Iserman R. Process Fault Detection Based on Modeling and Estimation and Knowledge Processing[J]. Tutorial Paper Automatic, 1999, 29(4): 815-835.
5Siraj A, Bridges S M. Fuzzy Cognitive Maps for Decision Support in an Intelligent Intrusion System[C]//Proc. of ISFA World Congress and the 20th NAFIPS International Conference. Washington D. C., USA: [s. n.], 2001: 2165-2170.
6Gurer D, Khan I, Ogier R, et al. An Artificial Intelligence Approach to Network Fault Management[EB/OL]. (2003-02-01). http:// citeseer.nj,nec.com/105695.html.
7Forrest S, Perrelason A S, Allen L, et al. Self-nonself Discrimination in a Computer[C]//Proceedings of the 1994 IEEE Symposium on Research in Security and Privacy. New Orleans, USA: [s. n.], 1994:202-212.
8Ghosh A K, Michael C, Schatz M. A Real-time Intrusion Detection System Based on Learning Program Behavior[C]//Proceedings of Recent Advances in Intrusion Detection. Piscataway NJ, USA: [s. n.], 93-109.
9Lee W, Stolfo S J. A Data Mining Framework for Building Intrusion Detection Model[C]//Proceedings of the 1999 IEEE Symposium on Security and Privacy. New Orleans, USA:[s. n.], 1999: 120-132.
10Pearl J. Probabilistic Reasoning in Intelligent Systems[M]. San Francisco: Morgan Kaufman Publishers, 1988.

同被引文献17

1李昆仑,黄厚宽,田盛丰,刘振鹏,刘志强.模糊多类支持向量机及其在入侵检测中的应用[J].计算机学报,2005,28(2):274-280. 被引量：49
2陈治平,王雷,李志成.基于密度梯度的聚类算法研究[J].计算机应用,2006,26(10):2389-2392. 被引量：4
3KRUGEL C, TOTH T, KIRDA E. Service specific anomaly detection for network intrusion detection[ C]//Proceedings of the 2002 ACM Symposium on Applied Computing. New York: ACM Press, 2002:201 -208.
4LEE W, STOLFO S J. A framework for constructing features and models for intrusion detection systems[ J]. ACM Transactions on Information and System Security, 2000, 3(4) : 227 - 261.
5DU QIANG, GUNZBERGER M, JU LILI, et al. Centroidal Voronoi tessellation algorithms for image compression, segmentation, and multichannel restoration [ J }. Journal of Mathematical Imaging and Vision, 2006, 24(2): 177-194.
6PORTNOY L, ESKIN E, STOLFO S J. Intrusion detection with unlabeled data using clustering. [ EB/OL]. [ 2009 - 04 - 15]. http:// sneakers, cs. columbia, edu/ids/publications/cluster-ccsdmsa01, pdf.
7Bace R G.Intrusion Detection[M].[S.l.]: Macmillan Technical Publishing,2000.
8Ramadas M S.Ostermann S,Tjaden B.Detecting Anomalous Network Traffic with Self-organizing Maps[C]//Proc.of the 6th International Symposium on Recent Advances in Intrusion Detection.[S.l.]: Springer-Verlag,2003.
9Fukunaga F,Narendra P M.A Branch and Bound Algorithm for Computing K-nearest Neighbors[J].IEEE Trans.on Computers.1975,24(7):750-753.
10UCI KDD Archive.KDD Cup 1999 Data[EB/OL].[2009-10-28].http://kdd.ics.uci.edu/ databases/kddcup99/kddcup99.html.

引证文献2

1王雷,侯瀚雨.基于质心Voronoi图的网络异常检测算法[J].计算机应用,2010,30(1):178-180. 被引量：1
2贾伟峰,王勇,张凤荔,童彬.基于特征压缩与分支剪裁的网络异常检测算法[J].计算机工程,2010,36(21):137-139.

二级引证文献1

1李小雷,王雷.基于各向异性质心Voronoi图的网络异常检测技术[J].计算机应用,2011,31(9):2359-2361.

1陈叶旺,余金山.一种改进的朴素贝叶斯文本分类方法[J].华侨大学学报（自然科学版）,2011,32(4):401-404. 被引量：11
2杜选.基于加权补集的朴素贝叶斯文本分类算法研究[J].计算机应用与软件,2014,31(9):253-255. 被引量：13
3何敏,武德安,吴磊.基于MapReduce的平均多项朴素贝叶斯文本分类[J].计算机应用研究,2016,33(1):115-117. 被引量：5
4马骥,乔双,李丹.基于Web的嵌入式DSP测控系统设计[J].东北师大学报（自然科学版）,2007,39(1):41-45. 被引量：3
5熊志斌,朱剑锋,尹成国,王冬.基于Weka的旅游突发事件自动分类研究[J].软件导刊,2016,15(4):154-156.
6王雷,侯瀚雨.基于质心Voronoi图的网络异常检测算法[J].计算机应用,2010,30(1):178-180. 被引量：1
7李红彪,张洪业.QPSO算法在朴素贝叶斯分类上的应用研究[J].哈尔滨理工大学学报,2010,15(4):86-88. 被引量：1
8李小雷,王雷.基于各向异性质心Voronoi图的网络异常检测技术[J].计算机应用,2011,31(9):2359-2361.
9马恺.不确定数据的朴素贝叶斯分类[J].洛阳师范学院学报,2016,35(2):19-21. 被引量：1
10任喜峰.基于朴素贝叶斯分类的考试成绩监测机制的研究[J].科技信息,2007(1):37-38. 被引量：1

计算机工程

2008年第5期

浏览历史

内容加载中请稍等...

基于改进NB分类方法的网络异常检测模型被引量：2

参考文献13

同被引文献17

引证文献2

二级引证文献1

相关作者

相关机构

相关主题

浏览历史

基于改进NB分类方法的网络异常检测模型 被引量：2

参考文献13

同被引文献17

引证文献2

二级引证文献1

相关作者

相关机构

相关主题

浏览历史

基于改进NB分类方法的网络异常检测模型被引量：2