摘要
提出了一种入侵检测方法,该方法采用独立成分分析方法获取入侵行为模式的高阶统计信息,并将输入模式空间映射到相应的独立成分空间,然后利用支持向量机对小样本、高维数据泛化能力强的特点,在独立成分空间中用支持向量机原理构造广义最优分类超平面.数值实验表明,所提方法可大大降低特征空间维数,具有较好的分类正确性.特别是当高斯核参数σ值在1~3之间时,利用该方法的漏检数仅为标准支持向量机算法的1/9,这说明它能有效地获取入侵行为的本质特征,对新的入侵行为有比较好的识别能力.
A novel intrusion detection method was presented, in which the independent component analysis approach was used to acquire the high order statistic information of intrusion action mode and mapped the input mode space into the corresponding independent component space. Then the generalized maximal margin hyperplane was constructed in the independent component space using the powerful feature of the support vector machine(SVM) for small samples and high dimension data generalization. Numerical simulation shows that the proposed method can reduce the dimension of the feature space, and has higher correct classification rate, especially, when the sigma of Gauss kernel is set to 1 to 3, the rate of false negative is just one ninth of the SVM's. It means that the intrusion detection method can effectively get the essential features of intrusion action and possess the higher ability to identify new intrusion activities.
出处
《西安交通大学学报》
EI
CAS
CSCD
北大核心
2005年第8期876-879,共4页
Journal of Xi'an Jiaotong University
关键词
入侵检测
独立成分分析
支持向量机
intrusion detection
independent component analysis
support vector machine
