摘要
为在提高检测率的同时保持较低的虚警率,提出一种不同于单一算法的基于特征选择和支持向量机的异常检测技术.首先用一个数据子集进行特征选择,通过构造函数来计算特征间的相似度,并在不失样本信息的前提下,完成会话样本的特征选择;然后对用于训练和测试的数据执行特征选择,剔除不必要的数据特征;最后利用支持向量机来判断入侵.仿真实验表明:与基于标准的支持向量机、基于tf×idf的支持向量机、基于tf×idf的神经网络及基于数据挖掘等的异常检测相比较,该方法具有更高检测率,同时其虚警率也更低.
In order to get a high detection rata and a low false rata, many researchers pay more atten tionin studying the algorithm for intrusion detection only. This paper proposes an attribute selectionbased and support vector machine (SVM) for anomaly detection, The first is attribute selection, which extracts some attributes from relatively corresponding attributes, The second is dealing with the attribute selection of training set and test set. Attribute selection removes attributes whose correlation with another attribute exceedsa threshold without lose any information. The results of our experiments show that not only the detection rata but also the false rata of our performance is superior to those of SVM, tf×idf with SVM, tf×idf with artificial neural network and data mining.
出处
《华中科技大学学报(自然科学版)》
EI
CAS
CSCD
北大核心
2008年第3期99-102,共4页
Journal of Huazhong University of Science and Technology(Natural Science Edition)
基金
国家自然科学基金资助项目(60672049)
关键词
异常检测
特征选择
支持向量机
虚警率
检测率
anomaly detection
attribute selection
support vector machine
false rate
detection rate