摘要
入侵检测数据中存在噪音属性及部分连续型属性,并具有高维、非线性特征,为了取得更好的检测效果,首先利用邻域粗糙集对数据集进行属性约简,消除冗余属性与噪声,避免了传统粗糙集在连续型属性离散化过程中带来的信息损失;然后采用KNN算法进行异常数据的识别与检测.仿真实验结果表明,该算法能有效提升入侵检测的精度,具有较高的泛化性和稳定性.
Data in intrusion detection have noisy features and some continuous attributes, and have high dimension, as well as nonlinear characteristics, this paper uses a algorithm based on neighborhood rough set for the affecting on detection. First, data set is deducted by presenting neighborhood rough set,and new data subset is produced, so that the redundant attributes and noise are eliminated to avoid information loss when utilizing traditional rough set: afterward KNN is used to detect abnormal data from data set. The simulation results in KDD99 data set show that the algorithm can effectively improve the accuracy and efficiency of intrusion detection,and it has high generalization and stability.
出处
《河南科学》
2013年第9期1404-1408,共5页
Henan Science
基金
国家自然科学基金(81160183)
陕西省教育厅科研基金(12JK0864)
陕西理工学院科研基金(SLGKY12-01)
关键词
入侵检测
属性约简
邻域粗糙集
K最近邻算法
network intrusion detection
attribute reduction
neighborhood rough set
K nearest neighbor algorithm