
Abnormal data flow oriented selection integration method of multiple classifiers

Cited by: 3
Abstract: Traditional multi-classifier selection algorithms incur large computing and storage overhead. In addition, the stability of multiple classifiers' predictions on abnormal data flows is an important factor in dealing with concept drift. By introducing an improved decision contour matrix and support entropy, this paper resolves the problem of the fuzzy degree of difference between classifier collections. Support entropy is used as the input measure for the degree of difference, which makes the calculation of differences between classifier collections more stable and efficient. On this basis, an abnormal data flow detection method based on diversity integration is proposed and its algorithm is implemented. The method is applied in the anomaly classifier selection module and consists of three steps: constructing the decision contour matrix, integrating support entropy, and measuring classifier ensemble dissimilarity. Experimental results show that the BDMS algorithm predicts abnormal traffic with better accuracy and stability than other algorithms. Since the classifier training time is about 10^(-2) s, the algorithm can basically meet the real-time requirements of data traffic detection.
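Authors: Yang Rongze (杨融泽), Liu Yi (柳毅)
Source: Computer Engineering and Applications (《计算机工程与应用》), CSCD, Peking University Core Journal, 2018, No. 2, pp. 107-113 (7 pages)
Funding: National Natural Science Foundation of China (No. 61572144); Natural Science Foundation of Guangdong Province (No. 2014A030313517); Guangdong Province Science and Technology Plan Project (No. 2016B090918125, No. 2015B010128014); Guangzhou Science and Technology Plan Project (No. 201508010026, No. 2014J4100201)
Keywords: selection integration; abnormal data flow; decision contour matrix; support entropy; difference measure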