
ON EXPERIMENTING ADABOOST ALGORITHM IN NETWORK INTRUSION DETECTION

Cited by: 2
Abstract: Improving the detection rate of intrusion detection systems while reducing their false alarm rate is an important research topic. Building on research into rare-class classification, ensemble learning is applied to intrusion detection. The detection model splits the data stream of a high-speed network: network packets are classified by protocol type and then handed to individual detectors. Each detector uses a C4.5 classifier as its weak classifier, and the AdaBoost ensemble learning algorithm is used to construct an enhanced overall detection function. The rare classes are additionally synthesized with the SMOTE technique, and simulation experiments are carried out on the KDD'99 dataset. The results show that this method can effectively improve the detection rate of rare classes.
Source: Computer Applications and Software (《计算机应用与软件》), CSCD, 2010, Issue 4, pp. 127-129 (3 pages)
Funding: Shanxi Province Youth Natural Science Foundation project (2008021025); Shanxi Province Higher Education Institutions Science and Technology project (20091145)
Keywords: Intrusion detection; Rare class; Ensemble learning; C4.5 algorithm; AdaBoost algorithm