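Abstract
To address the shortcomings of existing intrusion detection techniques, this paper studies anomaly-based intrusion detection systems built on machine learning, applies multi-label and semi-supervised learning to intrusion detection, and proposes an intrusion detection algorithm based on multi-label learning. The algorithm uses the "k-nearest neighbor" classification criterion, gathers statistics on the class labels of the neighboring samples, and infers the label set of each unlabeled datum by maximizing the posterior probability (maximum a posteriori, MAP). Simulation results on the KDD CUP99 dataset show that the algorithm can effectively improve the performance of an intrusion detection system.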
To address some problems in current intrusion detection techniques, an anomaly intrusion detection system based on machine learning is studied, and an intrusion detection algorithm based on multi-label k-nearest neighbor with multi-label and semi-supervised learning is put forward. For each unlabeled datum, its k nearest neighbors in the training set are first identified. Then, based on the statistical information gained from the label sets of these neighboring data, namely the number of neighboring data belonging to each possible class, the maximum a posteriori (MAP) principle is used to determine the label set for the unlabeled datum. The KDD CUP99 dataset is used to evaluate the proposed algorithm. Compared to other algorithms, the simulation results show that the performance of the intrusion detection system is improved by the proposed algorithm.
Source
《合肥工业大学学报(自然科学版)》
CAS
CSCD
PKU Core Journal
2015, Issue 7, pp. 929-933 (5 pages)
Journal of Hefei University of Technology:Natural Science
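Funding
Natural Science Foundation of Jiangsu Higher Education Institutions (05KJD52006)
Jiangsu University of Science and Technology research funding project (2005DX006J)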
Keywords
multi-label learning
multi-label k-nearest neighbor (ML-KNN) algorithm
semi-supervised learning
intrusion detection
KDD CUP99 dataset