摘要
针对传统异常检测算法存在复杂小样本情况下训练精度高,预测精度低的过拟合缺陷,出现误报和漏报现象,提出一种面向数据核特征的复杂网络异常检测算法。网络异常数据核特征判别技术是一种针对复杂小样本异常特征的线性判别的非线性扩展。算法根据最大化网络复杂异常类间离散度和最小化类内离散度的准则,寻找原始向量的最优投影方向,使各异常数据类之间最大程度地分离,从而达到正确的检测。仿真实验结果表明,本文的方法相对于传统的支持向量机法和高斯混合模型方法,具有较高的识别率和较快的训练速度。
Abstract:In view of the traditional anomaly intrusion detection algorithm in complex small sample situation training high precision, low accuracy of prediction fitting defects, appear misinformation and omission of phenomenon, the paper pro- poses a kind of face data nuclear characteristics of the complex network anomaly detection algorithm. Network anomaly data nuclear feature discriminant technology is a kind of small sample invasion on complex characteristics of the linear discriminant nonlinear extension. Algorithm according to maximize network complex anomaly between class discrete de- gree and minimize within-group discrete degree rule, the original vector for the optimal projection direction, make each kind of abnormal data between maximum separation, so as to achieve the correct detection. The simulation results show that the proposed method is compared with the traditional support vector machine (SVM) method and gaussian mixture model method, has high recognition rate and faster training speed.
出处
《科技通报》
北大核心
2013年第8期27-29,共3页
Bulletin of Science and Technology
基金
东莞市科技计划项目(201010815401)
关键词
网络异常
核特征
异常类分离
network anomaly
nuclear characteristic
abnormal kind of separation
