摘要
针对入侵检测日志数据存在大量不相关特征和冗余特征,导致入侵检测数据集维数较高,检测算法实时性较低的问题,提出一种基于遗传算法的入侵检测特征选择算法。首先删除入侵检测数据集中的不相关特征及冗余特征,构建有效特征集L,并通过偏F检验对特征进一步选择,构成待优化特征集L';然后采用遗传算法对L'进行优化选择,选出最能反映系统状态的特征集L″。仿真实验结果证明,该算法在保证特征分类精度和确保入侵检测漏检率、误检率尽量小的前提下明显提高了入侵检测的效率。
This paper designed a feature selection algorithm to solve the problem that there are many redundant and irrelevant features in the intrusion detection data sets,which leads to the high feature dimension and low efficiency of detection.First,deleted the redundant and irrelevant features in the ID data set,so as to build the effective feature set L.Then,used a partial checkout to make a deeper choice of the feature to build another feature set L′.Finally,used an improved genetic algorithm to optimize L′,and by this way,all features that could best show the state of the current system would be selected.The result of the stimulant experiment shows that it can improve the efficiency of intrusion detection apparently on condition of guarantee to classification accuracy and lower missing detection and wrong detection.
出处
《计算机应用研究》
CSCD
北大核心
2012年第4期1417-1419,1426,共4页
Application Research of Computers
基金
国家自然科学基金资助项目(71072131)
关键词
入侵检测
特征选择
偏F检验
遗传算法
intrusion detection
feature selection
partial checkout
genetic algorithm
