期刊文献+

基于并行特征选择和分类的网络入侵检测方法 被引量:13

Network intrusion detection based on parallel feature selection and classification
下载PDF
导出
摘要 针对存在大量访问时的网络入侵检测问题,提出一种在MapReduce框架下实现的并行网络入侵检测方法。构建一种并行化的量子粒子群优化(QPSO)算法,对原始数据集中的大量特征进行选择,降低特征维度;实现一种并行化的朴素贝叶斯(NB)分类器,以网络访问特征作为输入来检测入侵。在KDDCup99数据集上的实验结果表明,该特征选择方法能够选择出最优特征子集,有效提高了入侵检测的准确性,特征选择和分类器的并行化缩短了检测时间。 To solve the problem of network intrusion detection when there is a large number of accesses, a parallel network intrusion detection method based on MapReduce was proposed. A parallel quantum particle swarm optimization (QPSO) algorithm was constructed to reduce the feature dimension by selecting feature subset from the original data set. A parallel naive Bayesian (NB) classifier was implemented in which network access features were taken as input to detect intrusions. Experimental results on KDDCup99 dataset show that the proposed feature selection method can select the optimal feature subset and improve the accuracy of intrusion detection effectively. The parallelization of feature selection and classifier greatly reduces the detection time.
作者 戴敏 DAI Min(School of Computer,Civil Aviation Flight University of China,Guanghan 618307,China)
出处 《计算机工程与设计》 北大核心 2019年第3期654-661,共8页 Computer Engineering and Design
基金 国家自然科学基金民航联合基金重点项目(U1233202/F01)
关键词 网络入侵检测 MAPREDUCE框架 QPSO算法 特征选择 NB分类器 network intrusion detection MapReduce framework QPSO algorithm feature selection NB classifier
  • 相关文献

参考文献6

二级参考文献53

  • 1田志宏,方滨兴,张宏莉.基于半轮询驱动的网络入侵检测单元的设计与实现[J].通信学报,2004,25(7):146-152. 被引量:5
  • 2毛勇,周晓波,夏铮,尹征,孙优贤.特征选择算法研究综述[J].模式识别与人工智能,2007,20(2):211-218. 被引量:95
  • 3陈友,程学旗,李洋,戴磊.基于特征选择的轻量级入侵检测系统[J].软件学报,2007,18(7):1639-1651. 被引量:78
  • 4康燕,孙俊,须文波.具有量子行为的粒子群优化算法的参数选择[J].计算机工程与应用,2007,43(23):40-42. 被引量:19
  • 5Lippmann R,Webster S, Stetson D. The effect of identifying vulnerabilities and patching software on the utility of network intrusion detection [C]//Proc of the 15th Int Symp on Recent Advances in Intrusion Detection. Berlin: Springer, 2002: 307-326.
  • 6Sommer R, Paxson V. Enhancing byte-level network intrusion detection signatures with context [C]//Proc of the 10th ACM Conf on Computer and Communications Security. New York: ACM, 2003:262-271.
  • 7Kruegel C, Robertson W. Alert verification: Determining the success of intrusion attempts [C]//Proc of the 1st Workshop on Detection of Intrusions and Malware Vulnerability Assessment (DIMVA). Berlin: Springer, 2004, 2622-2628.
  • 8Gula R. Correlating IDS Alerts with Vulnerability Information [M]. Englewoocl Cliffs, NJ: Prentice Hall, 2003.
  • 9Desai N. IDS Correlation of VA Data and IDS Alerts [M]. EnglewooeI Cliffs, NJ: Prentice Hall, 2005.
  • 10Nessus Vulnerability Scanner [EB/OL]. 2001. [2011-01-08]. http://www. ness-us.org.

共引文献88

同被引文献118

引证文献13

二级引证文献83

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部