摘要
针对传统否定选择算法可能引起检测器"流失"而降低检测率的缺陷,提出一种基于二次否性剪切选择的入侵检测方法。该算法将新生成的检测器与成熟检测器集合作比对,提升检测器的耐受性;将通过耐受性检测的检测器与训练的自体集作比对,如果出现覆盖则对检测器进行剪切,并将其置入成熟检测器集合;最后,对成熟检测器集合进行优化。实验结果表明,与现有的几种检测方法相比,该方法拥有更高的检测率、更低的误报率以及更少的检测器数量。
Due to the possible case of detection-rate declining from detectors-losing of traditional negative selection algorithms,a novel technique for intrusion detection based on dual negative splitting selection is proposed.Firstly,the comparison between the newly generated detector and the ones in the mature detector set is conducted to enhance the tolerance of the detectors.Then,the training self-sets are compared with the qualified detectors passing the tolerance examination.If there are intersections between the above two,‘splitting’will be done towards the detectors.And the several new ones will be included by the mature detector set.Finally,the optimization will be conducted to increase the detecting performance.Experimental results demonstrate that,compared with the current several detecting techniques,the proposed one owns much higher detecting rate,less false-alarm rate and fewer detectors.
作者
刘会会
牛玲
孔韦韦
LIU Hui-hui;NIU Ling;KONG Wei-wei(Zhoukou Normal University,Zhoukou 466001,China;Xi’an University of Posts and Telecommunications,Xi’an 710121,China)
出处
《火力与指挥控制》
CSCD
北大核心
2018年第10期181-186,共6页
Fire Control & Command Control
基金
国家自然科学基金(U1504613)
河南省高等学校重点科研基金(16A520104)
河南省高校科技创新团队计划(17IR TSTHN009)
信息保障技术重点实验室开放基金资助项目(KJ-15-102)
关键词
否定选择
入侵检测
剪切
检测率
negative selection
intrusion detection
splitting
detecting rate
