摘要
提出了一种新的用于网络入侵检测的特征选择算法——VFSA.C4.5算法。该算法采用快速模拟退火(VFSA)搜索策略对特征子集空间进行随机搜索,然后利用提供的数据在C4.5决策树上的分类错误率作为特征子集的评估标准来为入侵检测获取最优特征子集。在著名的KDD1999入侵检测数据集上进行了大量的实验,结果表明该算法相对于其它一些应用于入侵检测的特征选择算法,在保证较高检测率的前提下,可有效地降低误报率、入侵检测的计算复杂度和提高检测速度,能更适用于现实高速网络应用环境。
The VFSA-C4.5 a new feature selection algorithm is proposed to detect network intrusions. The algorithm uses the very fast simulated annealing (VFSA) as the search strategy to specify a candidate subset for evaluation, and then uses the decision tree of C4.5 as the evaluation function to obtain the optimum feature subset for intrusion de- tection by the data classification error rate. The feasibility of the feature selection algorithm was examined by con- ducting several experiments on the KDD 1999 intrusion detection dataset. The experimental results show that the VFSA-C4.5 algorithm has higher detection rate and lower false alarm rate compared with other feature selection algorithms for network intrusion detection. Furthermore, the proposed algorithm can reduce computational resources of intrusion detection, improve the detection speed and is more suitable for the real network applications than the traditional ones.
出处
《高技术通讯》
CAS
CSCD
北大核心
2011年第12期1240-1245,共6页
Chinese High Technology Letters
基金
863计划(2007AA012416)和973计划(2007CB311100)资助项目.
关键词
网络入侵检测
特征选择
快速模拟退火(VFSA)
决策树
network intrusion detection, feature selection, very fast simulated annealing (VFSA) , decision tree