期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

一种基于有监督局部决策分层支持向量机的异常检测方法 被引量:11

A Supervised Local Decision Hierachical Support Vector Machine Based Anomaly Intrusion Detection Method
在线阅读 下载PDF
导出
摘要 该文针对包含多种攻击模式的高维特征空间中的异常检测问题,提出了一种基于有监督局部决策的分层支持向量机(HSVM)异常检测方法。通过HSVM的二叉树结构实现复杂异常检测问题的分而治之,即在每个中间节点上,通过信息增益准则构建有监督学习所需的训练信号,监督局部决策;在每个嵌入中间节点的二分类支持向量机(SVM)的训练过程中,以局部决策边界对特征的敏感度为依据,选择入侵检测的局部最优特征子集。实验结果表明,该文提出的异常检测方法能够在训练信号的局部决策监督下构建具有良好稳定性的检测学习模型,并能以更精简的特征信息实现检测精确率和检测效率的提高。 This paper dedicates to propose a supervised local decision Hierachical Support Vector Machine(HSVM) learning model for anomaly intrusion detection in high dimensional feature space.The binary-tree structure of HSVM presents a "divide-and-conquer" algorithm for complex anomaly intrusion detection problem,i.e.,the training signal for supervising local decision at each internal node is constructed according to information gain criterion.The embedded SVMs at internal node are trained on local optimized feature subsets standing on the sensitivity degrees of a margin to features.The experimental results suggest that the proposed anomaly intrusion detection method can gain learning model with better stability under the local decision supervisal of training signals.Further,it also achieves competitive detection accuracy and higher detection efficiency with condensed feature information.
作者 徐琴珍 杨绿溪
机构地区 东南大学信息科学与工程学院
出处 《电子与信息学报》 EI CSCD 北大核心 2010年第10期2383-2387,共5页 Journal of Electronics & Information Technology
基金 国家自然科学基金(60702029 60902012) 国家科技重大专项(2009ZX03003-004) 国家973计划项目(2007CB310603) 东南大学科研启动费(4004001041)资助课题
关键词 异常入侵检测 分层支持向量机 特征信用度 有监督局部决策 Anomaly intrusion detection Hierachical Support Vector Machine (HSVM) Feature credit Supervised local decision
分类号 TP391 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献14

  • 1Tsang Chi-ho,Kwong Sam,and Wang Han-li.Genetic-fuzzy rule mining approach and evaluation of feature selection techniques for anomaly intrusion detection[J].Pattern Recognition,2007,40(9):2373-2391.
  • 2Helmer G,Wong J S K,and Honavar V,et al..Automated discovery of concise predictive rules for intrusion detection[J].Journal of Systems and Software,2002,60(3):165-175.
  • 3Cheng Xiang,Png Chin-yong,and Lim Swee-meng.Design of multiple-level hybrid classifier for intrusion detection system using Bayesian clustering and decision trees[J].Pattern Recognition Letters,2008,29(7):918-924.
  • 4Jamie T and Uwe A.Information fusion in the immune system[J].Information Fusion,2010,11(1):35-44.
  • 5Dasgupta D and Gonzalez F.An immunity-based technique to characterize intrusions in computer networks[J].IEEE Transactions on Evolutionary Computation,2002,6(3):281-291.
  • 6Thomas C and Balakrishnan N.Improvement in intrusion detection with advances in sensor fusion[J].IEEE Transactions on Information Forensics and Security,2009,4(3):542-551.
  • 7Charles J J,Das A,Lee B,and Seet B.CARRADS:cross layer based adaptive real-time routing attack detection system for MANETS[J].Computer Networks,2010,54(7):1126-1141.
  • 8Cristianini N and Shawe-Taylor J.An Introduction to Support Vector Machines and Other Kernel-based Learning Methods.New York:Cambridge University Press,2000:93-122.
  • 9Hernández-Pereira E,Suárez-Romero J A,Fontenla-Romero O,and Alonso-Betanzos A.Conversion methods for symbolic features:a comparison applied to an intrusion detection problem[J].Expert Systems with Applications,2009,36(7):10612-10617.
  • 10Quinlan J R.C4.5:Programs for Machine Learning[M].San Mateo,California:Morgan Kaufmann publishers,1993:17-26.

二级参考文献12

  • 1Awaidah S M and Mahmoud S A, A multiple feature/resolution scheme to Arabic (Indian) numerals recognition using hidden Markov models. Signal Processing, 2009, 89(6): 1176-1184.
  • 2Miao Kang and Dominic Palmer-Brown. A modal learning adaptive function neural network applied to handwritten digit recognition. Information Sciences, 2008, 178(20): 3802-3812.
  • 3Polat O and Yildirim T. Genetic optimization of GRNN for pattern recognition without feature extraction. Expert Systems with Applications, 2008, 34(4): 2444-2448.
  • 4Sabri Mahmoud. Recognition of writer-independent off-line handwritten Arabic (Indian) numerals using hidden Markov models. Signal Processing, 2008, 88(4): 844-857.
  • 5Melgani F and Bazi Y. Classification of electrocardiogram signals with support vector machines and particle swarm optimization. IEEE Transactions on Information Technology in Biomedicine, 2008, 12(5): 667-677.
  • 6Sindhwani V, Rakshit S, Deodhare D, Erdogmus D, Principe J C, and Nivogi P. Feature selection in MLPs and SVMs based on maximum output information. IEEE Transactions on Neural Networks, 2004, 15(4): 937-948.
  • 7Bo L F, Wang L, and Jiao L C. Training hard-margin support vector machines using greedy stagewise algorithm. IEEE Transactions on Neural Networks, 2008, 19(8): 1446-1455.
  • 8Saul L K and Roweis S T. Think globally, fit locally: Unsupervised learning of low dimensional manifolds. Journal of Machine Learning Research, 2004, 4(2): 119-155.
  • 9Quilan J R. C4.5: Programs for Machine Learning. San Mateo: Morgan Kaufmann Publishers, 1993: 17-26.
  • 10Bennett K P, Shawe-Taylor J, and Demiriz A. Linear programming boosting via column generation. Machine Learning, 2001, 46(1): 225-254.

共引文献5

同被引文献155

  • 1李昆仑,黄厚宽,田盛丰,刘振鹏,刘志强.模糊多类支持向量机及其在入侵检测中的应用[J].计算机学报,2005,28(2):274-280. 被引量:49
  • 2倪世宏 ,史忠科 ,谢川 ,王彦鸿 .军用战机机动飞行动作识别知识库的建立[J].计算机仿真,2005,22(4):23-26. 被引量:42
  • 3诸葛建伟,王大为,陈昱,叶志远,邹维.基于D-S证据理论的网络异常检测方法[J].软件学报,2006,17(3):463-471. 被引量:56
  • 4任勋益,王汝传,王海艳.基于自相似检测DDoS攻击的小波分析方法[J].通信学报,2006,27(5):6-11. 被引量:56
  • 5VladimirN Vapnik著 张学工译.统计学习理论的本质[M].北京:清华大学出版社,2000.1-125.
  • 6Oartner Inc [EB/OL]. http://www, gartner, com/ press_releases/asset_129199_11, html, 2005.
  • 7Christodorescu, M. , Jha, S. Static analysis of execut- ables to detect malicious patterns[C]//Proceedings of the 12th USENIX Security Symposium (Security'03), USENIX Association, USENIX Association, 2003. 169-186.
  • 8Witten, I. , Frank, E. Data mining.. Practical machine learning tools and techniques with Java implementa- tions. Morgan Kaufmann, San Francisco,2000.
  • 9Lewis, D. , & Gale, W. A sequential algorithm for training text classifiers[C]//Proceedings of the Seven- teenth Annual International ACM-SIGIR Conference on Research and Development in Information Retrieval. Springer-Verlag, 19 9 4 : 3 - 12.
  • 10Kephart, J. O. , Sorkin, G. B. , Arnold, W. C. , et al. Biologically inspired defenses against computer viruses [C]//Proceedings of the 14th UCAI, Montreal, 1995, : 985-996.

引证文献11

二级引证文献75

电子与信息学报
2010年 第10期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部