基于支持向量数据描述的报警融合方法
기우지지향량수거묘술적보경융합방법
Alarm fusion method based on support vector data description
  • 万方数据
    计算机工程与应用 계산궤공정여응용
    Computer Engineering and Applications
    2015年 19期 125-128,137 ,共5页

    曹薇薇%尹传环%牟少敏

    조미미%윤전배%모소민

    支持向量数据描述%模拟退火%报警融合%检测率%漏报率 支持嚮量數據描述%模擬退火%報警融閤%檢測率%漏報率
    지지향량수거묘술%모의퇴화%보경융합%검측솔%루보솔
    Support Vector Data Description(SVDD)%Simulated Annealing(SA)%alarm fusion%detection rate%false positive
    报警融合是入侵检测系统中很重要的一个环节,然而不同的攻击类型具有不同的数据特点,统一的无差别的处理方法势必会存在缺陷。提出了采用基于支持向量数据描述的报警融合算法,并且结合模拟退火的思想,根据不同的攻击类型,选择适合它的属性和核参数,剔除冗余特征,避免样本不均衡产生的影响,通过局部检测、数据融合以及最终的决策分析,提高了报警的检测率,降低了漏报率。通过KDD99数据集对提出的方法进行了验证。
    보경융합시입침검측계통중흔중요적일개배절,연이불동적공격류형구유불동적수거특점,통일적무차별적처리방법세필회존재결함。제출료채용기우지지향량수거묘술적보경융합산법,병차결합모의퇴화적사상,근거불동적공격류형,선택괄합타적속성화핵삼수,척제용여특정,피면양본불균형산생적영향,통과국부검측、수거융합이급최종적결책분석,제고료보경적검측솔,강저료루보솔。통과KDD99수거집대제출적방법진행료험증。
    Alarm fusion is an important part in IDS. However, different attack types have different data characteristics;in-discriminate processing method must have some faults. This paper proposes an alarm fusion method based on Support Vector Data Description(SVDD), also combines the thought of Simulated Annealing(SA). It can choose the appropriate attributes and kernel parameters, at the same time, it can eliminate the redundant features and avoid the influence of imbal-anced samples. This model can make false positive lower and improve the efficiency of intrusion detection through local detection, data fusion and final decision analysis. At last, this method is verified with the KDD99 data sets.
    원문보기 원문다운로드 사이트로이동
저자의 최근 논문