摘要
针对目前入侵检测效率不高的问题,本文提出一种基于感知哈希矩阵的最近邻入侵检测算法.首先计算训练集中入侵检测对象的感知哈希描述子,并将感知哈希描述子拼接成感知哈希矩阵;然后利用设计好的量化函数对矩阵中的哈希描述子进行量化,并按照感知哈希的性质对矩阵进行约简和调整;在入侵检测阶段用该矩阵快速定位与待检测对象最相近的K个样本,利用K近邻的投票原则完成入侵检测任务.通过理论分析及在KDDCUP99数据集上的相关实验验证了该方法以O(n)的时间复杂度来快速定位最近邻的K个样本,在保持高检测率的同时降低了存储和计算方面的开销,从而更加有效的保护网络环境.
In view of the low efficiency of current intrusion detection,this paper proposes a Nearest Neighbor Intrusion Detection algorithm based on Perceptual Hash Matrix.Firstly,the perceptual Hash descriptors of the intrusion detection object in the training set is calculated,and the perceptual Hash descriptors are spliced into a perceptual Hash matrix;Then use the designed quantization function to quantize the Hash digest in the matrix,and reduce and adjust the matrix according to the nature of the perceived Hash.In the intrusion detection phase,the matrix is used to quickly locate K samples closest to the object to be detected,using K nearest neighbors(KNN)’s voting principles to complete intrusion detection tasks.Theoretical analysis and related experiments on the KDDCUP99 dataset show that the method can quickly locate the nearest neighbor K samples with the O(n ) of time complexity,which can reduce the overhead of storage and calculation while maintaining high detection rate,and more effectively protect the network environment.
作者
江泽涛
周谭盛子
韩立尧
JIANG Ze-tao;ZHOU Tan-sheng-zi;HAN Li-yao(College of Computer and Information Security,Guilin University of Electronic Technology,Guilin,Guangxi 541004,China;College of Computer Science and Technology,Northwestern Polytechnical University,Xi’an,Shaanxi 710129,China)
出处
《电子学报》
EI
CAS
CSCD
北大核心
2019年第7期1538-1546,共9页
Acta Electronica Sinica
基金
国家自然科学基金(No.61572147,No.61762066,No.61876049)
广西科技计划(No.AC16380108)
广西图像图形智能处理重点实验(No.GIIP201701,No.GIIP201801,No.GIIP201802,No.GIIP201803)
广西研究生教育创新计划(No.2018YJCX46)
江西省自然科学基金(No.20171BAB212015)
关键词
入侵检测
感知哈希矩阵
量化函数
K近邻
检测率
intrusion detection
perceptual Hash matrix
quantization function
KNN
detection rate