摘要
本文针对入侵检测系统中的误检率,提出了一种将BP网络和改进的PSO算法相结合的方法。该方法基于BP网络算法的局部精确搜索和改进的PSO算法的全局搜索的特性,并且用改进的PSO算法优化BP网络的权值、阈值,克服BP网络算法易陷入局部极值的弊端。在入侵检测系统中应用该网络结构,能准确地发现已知的攻击行为,并能进一步预测新的攻击行为,减少了入侵事件的漏报和误报。通过KDD99 CUP数据集进行仿真实验,与基于PSO-BP算法、传统的BP算法的入侵检测系统相比较,表明改进的PSO-BP算法的迭代次数较少、收敛速度快、检测率高,有一定的有效性。
This paper shows a way that combines the BP networks with the improved PSO algorithm aiming at false positive rate in intrusion detection systems(IDS). Based on the characteristics of the local precise search of the BP networks and the global search of the improved PSO algorithm, this method optimizes the weight and threshold of the BP networks, conquers the disadvantages of the BP networks that are easily trapped in the local extremum. And the network structure is applied into intrusion detection systems, which can discover the known detection exactly, forecast the new detection , and reduce the invasion of omissions and the false alarm rate. Comparing the simulation results of the KDD99 CUP dataset with the intrusion detection system based on the traditional BP networks and the improved PSO-BP network algorithm, the improved PSO algorithm shows less iteration times, quicker convergence rate, higher detection rate ,and sufficient availability.
出处
《计算机工程与科学》
CSCD
北大核心
2010年第6期34-36,73,共4页
Computer Engineering & Science
关键词
改进的PSO
BP网络
入侵检测
improved PSO algorithm
BP networks
intrusion detection
