摘要
针对基于神经网络(ANN)的入侵检测系统(IDS)难以得到足够丰富的实测样本这一问题,引入信息融合的观点,提出了一个基于神经网络与证据理论相结合的入侵检测系统模型。模型的神经网络模块是由自组织映射网络(SOM)和反向误差传播网络(BP)合成的,并将BP 网络的输出作为证据,输入到证据理论模块。通过证据理论模块的信息融合,降低了虚警率,提高了检测率。
InformationfusionisintroducedandanewIDSframeworkbasedonthecombinationofANNandevidencetheoryisproposed. The new framework is to solve the existing problem that ANN based IDS can't easily acquire enough abundant samples. The neural module of this frameworkconsistsof two parts: Self-organizingmaps (SOM) network and error back propagation (BP) network. The output of the BP network is apiece of evidence, which is the input of evidence theory module. Through information fusion of the evidence theory module, false positives are decreased and the detection rate is improved.
出处
《计算机工程与设计》
CSCD
北大核心
2005年第3期697-698,734,共3页
Computer Engineering and Design