摘要
基于贝叶斯逐步判别法构建入侵检测模型,将入侵检测转化为一个分类判别问题,基于步进式引入的方法淘汰冗余的特征变量,能够在保障判别效果的前提下有效降低原分类判别函数的计算复杂度.使用KDD CUP99数据中10%数据集作为实验数据,以常见的拒绝服务攻击(DoS攻击)为例创建具体的模型实例,实验结果表明,模型对于样本内连接记录的回代判对率和样本外连接记录的检测正确率均较高.
In this paper, we build a intrusion detection model based on bayesian stepwise discriminant method. The model transforms intrusion detection problem into a discriminant classify problem. The redundant characteristic variables are eliminated by the stepwise in- troducing method which can decrease original discriminant classify functions' computational complexity without negative influence to discriminant effect. The 10% data set of KDD CUP99's data is used as experimental data. Normal data and the data of denial of service (DOS) attack is used to instantiate the model. The results show the model's high correct discriminant rate of back substitution with sample data and high correct detection rate with out-of-sample-data.
出处
《数学的实践与认识》
CSCD
北大核心
2013年第9期172-180,共9页
Mathematics in Practice and Theory
基金
国家自然科学基金青年项目(71002094)
辽宁省高等学校优秀人才支持项目(WJQ2011043)
关键词
贝叶斯判别法
逐步判别法
入侵检测
bayesian discriminant method
stepwise discriminant method
intrusion detection