信息网络安全
信息網絡安全
신식망락안전
Netinfo Security
2015年
9期
78-83
,共6页
汤健%孙春来%毛克峰%贾美英
湯健%孫春來%毛剋峰%賈美英
탕건%손춘래%모극봉%가미영
网络入侵%异常检测%维数约简%机器学习
網絡入侵%異常檢測%維數約簡%機器學習
망락입침%이상검측%유수약간%궤기학습
network intrusion%anomaly detection%dimension reduction%machine learning
针对网络入侵异常检测模型输入特征的高维共线性问题,以及网络环境动态变化频繁等问题,文章提出基于主元分析(PCA)和互信息(MI)维数约简策略的快速网络入侵异常检测模型构建方法.该方法首先通过基于PCA的特征提取技术对输入变量进行潜在特征提取,消除变量间的共线性;然后采用基于MI的特征选择技术对PCA提取的潜在变量进行选择,进而实现与异常检测模型输出类别最为相关的相互独立的特征变量的选择;最后,以这些特征输入,基于具有较快学习速度的随机向量泛函联接(RVFL)网络建立检测模型.在国际KDD99数据集上的仿真实验表明所提方法能够合理提取和选择特征,具有较快的学习速度和较好的推广性.
針對網絡入侵異常檢測模型輸入特徵的高維共線性問題,以及網絡環境動態變化頻繁等問題,文章提齣基于主元分析(PCA)和互信息(MI)維數約簡策略的快速網絡入侵異常檢測模型構建方法.該方法首先通過基于PCA的特徵提取技術對輸入變量進行潛在特徵提取,消除變量間的共線性;然後採用基于MI的特徵選擇技術對PCA提取的潛在變量進行選擇,進而實現與異常檢測模型輸齣類彆最為相關的相互獨立的特徵變量的選擇;最後,以這些特徵輸入,基于具有較快學習速度的隨機嚮量汎函聯接(RVFL)網絡建立檢測模型.在國際KDD99數據集上的倣真實驗錶明所提方法能夠閤理提取和選擇特徵,具有較快的學習速度和較好的推廣性.
침대망락입침이상검측모형수입특정적고유공선성문제,이급망락배경동태변화빈번등문제,문장제출기우주원분석(PCA)화호신식(MI)유수약간책략적쾌속망락입침이상검측모형구건방법.해방법수선통과기우PCA적특정제취기술대수입변량진행잠재특정제취,소제변량간적공선성;연후채용기우MI적특정선택기술대PCA제취적잠재변량진행선택,진이실현여이상검측모형수출유별최위상관적상호독립적특정변량적선택;최후,이저사특정수입,기우구유교쾌학습속도적수궤향량범함련접(RVFL)망락건립검측모형.재국제KDD99수거집상적방진실험표명소제방법능구합리제취화선택특정,구유교쾌적학습속도화교호적추엄성.
Aim to high dimensional co-linearity problem of network intrusion anomaly detection model's input features and dynamic changes of network environment, a new fast anomaly detection model construction approach based on dimension reduction strategy using principal component analysis (PCA) and mutual information (MI) is proposed in this paper. At first, PCA based feature extraction method is used to extract independence latent features, to diminish co-linearity among these input variables. Then, MI based feature selection method is used to select important features from PCA extracted latent features. Thus, these independent features that have much relation to anomaly detection model's output are selected. At last, a kind of machine learning algorithm with fast learning speed, i.e., random vector function link (RVFL) net, is used to construct the ifnal intrusion detection model with these extract and selected features. Simulation results based on KDD99 data set show that the proposed method can extract and select features effectively with fast learning speed.
