COMPUTER SCIENCE
2009, Issue 11, pp. 79-82 (4 pages in total)
唐菀; 曹阳; 杨喜敏; 覃俊
Network intrusion detection; GEP (gene expression programming); Rule extraction; Constraint grammar; Elitist strategy
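To address the low detection rate for unknown attacks and the poor detection efficiency caused by numerous, complex rules in machine-learning-based network intrusion detection, a constraint-based gene expression programming (GEP) rule extraction algorithm (CGREA) is proposed. Intrusion detection rules are represented in the GEP model, and a constraint grammar is defined to constrain rule individuals so that the rules satisfy sufficiency and closure. CGREA restricts the proportions in which the various classes of symbols are randomly selected for the gene head of a GEP rule, and adopts an elitist strategy to guarantee convergence. The intrusion detection rules extracted by CGREA were evaluated on the KDD CUP'99 data set: the overall attack detection rate was 91.36%, and the detection rate exceeded 88% for three kinds of unknown attacks. The results show that CGREA can extract simple and effective rules with a small population and within a limited number of generations, and that the unknown-attack detection rate and detection performance are also improved.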
Network intrusion detection based on machine learning suffers from a low detection ratio for unknown intrusions and low detection efficiency due to many complex rules. To solve these problems, a constraint-based gene expression programming (GEP) rule extraction algorithm (CGREA) was proposed. The intrusion detection rules were represented based on the GEP model, and a constraint grammar was defined to guarantee the closure and adequacy of the rules. CGREA restricted the ratio of randomly selecting various symbols in the gene head of GEP rules, and used the elitist strategy to guarantee convergence. The KDD CUP'99 data set was used to evaluate the intrusion detection rules auto-extracted by CGREA. A 91% probability of detection was achieved, and three unknown attacks' probabilities of detection were more than 88%. These results indicate that the intrusion detection rules extracted by CGREA are effective, simple, and capable of detecting unknown intrusions. Moreover, the efficiency of rule generation and detection is improved.