摘要
支持向量机分类方法在小样本、非线性情况下具有较好的泛化性能,在入侵检测系统中有着广泛的应用。针对入侵检测过程中可能出现的由两类样本不平衡造成的分离超平面偏移现象,以核函数所蕴含的黎曼几何为依据,引入一个伪一致性变换函数,对核函数进行修改,提高支持向量机的分类泛化能力,建立基于支持向量机的网络入侵检测系统,并对系统总体结构和运行机制进行了详细的描述。实验仿真表明,该系统可有效地提高入侵检测的准确率,改善由于数据集不平衡造成的支持向量机分类偏移的情况。
As the support vector machine(SVM) classification approach has a good generalization performance in the cases of small number and non-linear samples,it is widely used in network intrusion detection fields.In order to resolve the offset phenomenon of separating a hyperplane caused by imbalanced data,Riemannian geometry inherent in a nuclear function is regarded as an important basis and a pseudo-consistency transformation function is also introduced,both of which are used to modify the kernel function and improve the generalization ability of SVM classification.On this basis,an intrusion detection system based on modified kernel function SVM is established,and a detailed description of the overall structure of the system and operating mechanism is made.Finally,simulation experiment shows that this system can achieve a more accurate detection rate and improve the SVM's classification offset phenomenon caused by imbalanced data sets.
出处
《系统工程与电子技术》
EI
CSCD
北大核心
2012年第5期1036-1040,共5页
Systems Engineering and Electronics
基金
海军十一五预研项目基金(4010601010201)资助课题
关键词
入侵检测
支持向量机
修正核函数
不平衡数据
黎曼几何
intrusion detection
support vector machine(SVM)
modified kernel function
imbalanced data
Riemannian geometry
