期刊文献+

一种基于多分类器协同训练的网络异常检测方法 被引量:3

A network anomaly detection method based on the co-training of multi classifiers
原文传递
导出
摘要 基于机器学习的网络异常检测方法是入侵检测领域的重要研究内容.传统的机器学习方法需要大量的已标记样本对分类器进行训练,然而已标记样本通常较难获取,导致分类器训练困难;此外单分类器训练面临难以消除的分类偏向性和检测孔洞.针对上述问题,本文提出了一种基于多分类器协同训练的异常检测方法MCAD,该方法利用少量的已标记样本和大量的未标记样本对多个分类器进行协同训练,以减少分类的偏向性和检测孔洞.对比实验采用经典的网络异常检测数据集KDD CUP99对MCAD的异常检测性能进行验证。实验结果表明,MCAD有效地降低了检测器训练代价,提高了网络异常检测性能. The network anomaly detection method based on machine learning is an important field in the study of intrusion detection. Many labeled samples are needed to train classifiers in the traditional machine learning algorithms, however, usually labeled samples are hard to collect, resulting difficult in the training of classifiers;furthermore, the classification bias and detection holes, facing by single classifier, can hardly be overcome. To solve these problems, in the paper, an anomaly detection method based on the cotraining of multi classifiers MCAD is proposed. In MCAD little number of labeled samples to- gether with many unlabeled samples are employed to cotrain multi classifiers to reduce the classification bias and detection holes. The classical network anomaly detection data set KDD CUP99 is utilized in the comparison experiments to test MCAD, and the results demonstrate that the training cost of MCAD is much reduced, while the network anomaly detection performance is improved.
作者 杨弢 陈文
出处 《四川大学学报(自然科学版)》 CAS CSCD 北大核心 2012年第2期329-334,共6页 Journal of Sichuan University(Natural Science Edition)
基金 国家自然科学基金(61173159) 四川大学青年教师科研启动基金(2011SCU11086)
关键词 网络安全 入侵检测 异常检测 协同训练 Network security, intrusion detection, anomaly detection, cotraining
  • 相关文献

参考文献8

二级参考文献82

共引文献192

同被引文献35

引证文献3

二级引证文献24

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部