Intrusion detection algorithm of industrial control network based on improved one-class support vector machine (cited by: 18)
Abstract: Intrusion detection based on the One-Class Support Vector Machine (OCSVM) cannot detect internal abnormal points and outliers, which causes the decision function to deviate from the training samples. To address this problem, an OCSVM anomaly intrusion detection algorithm combining Density-Based Spatial Clustering of Applications with Noise (DBSCAN) and K-means is proposed. First, the DBSCAN algorithm removes the outliers from the training data to eliminate their influence. Then, K-means partitions the data into clusters so that the internal abnormal points can be screened out. Finally, the OCSVM algorithm builds a one-class classifier for each cluster to detect abnormal data. Experimental results on industrial control network datasets show that the combined classifier can detect industrial control network intrusions using anomaly-free data samples, and that it improves the detection performance of the OCSVM method. In the intrusion detection experiment on the gas pipeline network dataset, the overall detection rate of the proposed method is 91.81%, while that of the original OCSVM algorithm is 80.77%.
Authors: LIU Wanjun; QIN Jitao; QU Haicheng (School of Software, Liaoning Technical University, Huludao, Liaoning 125105, China)
Source: Journal of Computer Applications (《计算机应用》), CSCD, Peking University Core Journal, 2018, No. 5, pp. 1360-1365, 1371 (7 pages)
Funding: General Scientific Research Project of the Education Department of Liaoning Province (L2015216); Production Technology Fund of Liaoning Technical University (20160092T)
Keywords: One-Class Support Vector Machine (OCSVM); Density-Based Spatial Clustering of Applications with Noise (DBSCAN); K-means; industrial control network; abnormal intrusion detection
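
The three-stage pipeline described in the abstract, sketched with scikit-learn as an added example; it is not the paper's code. The constructed two-mode training data, the parameter values, and the nearest-centroid routing at prediction time are assumptions.

```python
import numpy as np
from sklearn.cluster import DBSCAN, KMeans
from sklearn.preprocessing import StandardScaler
from sklearn.svm import OneClassSVM


def fit_detector(X, eps=0.5, min_samples=5, k=2, nu=0.05, gamma=0.5, seed=0):
    """Train on attack-free traffic features X (n_samples x n_features)."""
    scaler = StandardScaler().fit(X)
    Z = scaler.transform(X)
    # Step 1: DBSCAN marks low-density points as noise (label -1); drop them.
    keep = DBSCAN(eps=eps, min_samples=min_samples).fit_predict(Z) != -1
    Z = Z[keep]
    # Step 2: K-means splits the remaining normal data into k clusters.
    km = KMeans(n_clusters=k, n_init=10, random_state=seed).fit(Z)
    # Step 3: one OCSVM per cluster, so each boundary wraps a single cluster
    # and the empty space between clusters stays outside every boundary.
    models = [OneClassSVM(kernel="rbf", gamma=gamma, nu=nu).fit(Z[km.labels_ == c])
              for c in range(k)]
    return {"scaler": scaler, "kmeans": km, "models": models,
            "removed": int((~keep).sum())}


def predict(det, X):
    """Return +1 (normal) or -1 (anomalous) for each row of X."""
    Z = det["scaler"].transform(X)
    nearest = det["kmeans"].predict(Z)  # assumed routing rule: nearest centroid
    out = np.full(len(Z), -1, dtype=int)
    for c, model in enumerate(det["models"]):
        mask = nearest == c
        if mask.any():
            out[mask] = model.predict(Z[mask])
    return out


def make_training_set(seed=0):
    """Constructed data: two operating modes plus three stray readings."""
    rng = np.random.default_rng(seed)
    mode_a = rng.normal([0.0, 0.0], 0.5, size=(200, 2))
    mode_b = rng.normal([10.0, 10.0], 0.5, size=(200, 2))
    strays = np.array([[30.0, -20.0], [-25.0, 30.0], [40.0, 40.0]])
    return np.vstack([mode_a, mode_b, strays])


if __name__ == "__main__":
    det = fit_detector(make_training_set())
    probes = [[0.0, 0.0], [10.0, 10.0], [5.0, 5.0], [30.0, -20.0]]
    print("removed by DBSCAN:", det["removed"])
    print("verdicts:", predict(det, probes).tolist())
```

The probe at (5, 5) lies between the two operating modes; it is the kind of internal abnormal point the per-cluster classifiers are meant to reject.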