摘要
在进行事件分析之前,网络入侵检测系统首先要面对数据缩减的问题。以ANIDS为背景,分析了两种重要的数据缩减技术:相关特征子集选择和特征再构造。提出了一种基于Wrapper方法的最优特征子集选取算法SRRW。在考虑学习算法偏置的情况下,通过识别强相关特征并引入约束,能够更快地搜索并获得最优的相关特征子集。从特征再构造角度出发实现数据缩减,并通过因子负荷量矩阵分析了原始特征之间的相关性。
NIDSs deal with the problem of data reduction before analyzing the events. Two important measures used in ANIDS are proposed: FSS and new feature construction. A novel algorithm named SRRW is put forward first, which can produce OFS by recognizing all strongly relevant features and restrict them in searching process. A feature construction method is used to get the OFS. The correlations between the original features can be analyzed by factor loading matrix.
出处
《国防科技大学学报》
EI
CAS
CSCD
北大核心
2003年第6期16-20,共5页
Journal of National University of Defense Technology
