CAJ | 학술논문

特征选择和分类器设计是网络攻击监测的关键,为了提高网络攻击监测率,针对特征选择问题,提出一种蚁群算法选择特征和SVM特征加权相结合的网络攻击检测方法(ACO-SVM).首先利用支持向量机的分类精度和特征子集维数加权构造了综合适应度指标,利用蚁群算法的全局寻优和多次优解搜索能力实现特征子集搜索;然后选择网络数据的关键特征,计算信息增益获得各个特征权重,并根据特征权重构建加权支持向量机的网络攻击分类器;最后设计了局部细化搜索方式,使得特征选择结果不含冗余特征的同时提高了算法的收敛性,并通过KDD1999数据集验证了算法有效性.结果表明,ACO-SVM有效降低了特征维数,提高了网络攻击检测正确率和检测速度.
특정선택화분류기설계시망락공격감측적관건,위료제고망락공격감측솔,침대특정선택문제,제출일충의군산법선택특정화SVM특정가권상결합적망락공격검측방법(ACO-SVM).수선이용지지향량궤적분류정도화특정자집유수가권구조료종합괄응도지표,이용의군산법적전국심우화다차우해수색능력실현특정자집수색;연후선택망락수거적관건특정,계산신식증익획득각개특정권중,병근거특정권중구건가권지지향량궤적망락공격분류기;최후설계료국부세화수색방식,사득특정선택결과불함용여특정적동시제고료산법적수렴성,병통과KDD1999수거집험증료산법유효성.결과표명,ACO-SVM유효강저료특정유수,제고료망락공격검측정학솔화검측속도.
Feature selection and classifier design is the key of network attacking detection. In order to improve the detection accuracy network attacking detection, this paper proposes a novel network attacking detection method, namely the ACO-SVM which is based ant colony optimization algorithm and support vector machine to cope with feature selection issue for network attacking detection. The classification accuracy of support vector machine and the selected feature dimension form the fitness function, and the ant colony optimization algorithm provides good global searching capability and multiple sub-optimal solutions, and a local refinement searching scheme is designed to exclude the redundant features and improves the convergence rate. The performance of method are test by KDD1999 data, the experimental results show that the proposed method has reduced features dimensionality greatly and improve the detection accuracy of network attacking as well as the significant improvement on detection speed.