摘要
针对异常检测信息获取不足的缺点,提出基于混合人工免疫系统(AIS)/自组织映射(SOM)的入侵检测模型。该模型采用人工免疫系统检测网络异常,对检测到的异常连接用自组织映射进行分类,应用KDDCUP99实验数据集进行仿真。结果表明该检测方法是有效的,能够将检测到的异常连接分类并给出异常连接的更多信息,检测和分类效率较高、误报率低。
This paper proposes an intrusion detection model based on Artificial Immune System(AIS)/Self Organizing Map(SOM). It detects anomaly attack by AIS, and applies SOM to the detected-anomaly classification. This model can detect the unknown attaction and get more information about intrusion due to the combinition with the advantages of misuse detection and anomaly detection, and simulates it with KDDCUP 99 data. Experimental results show that the method is effective, which can classify the detected anomaly connections and give more information about such anomaly connection with low false rate and high positive rate.
出处
《计算机工程》
CAS
CSCD
北大核心
2010年第12期164-166,共3页
Computer Engineering
关键词
人工免疫系统
自组织映射
入侵检测
遗传算法
异常检测
Artificial Immune System(AIS)
Self Organizing Map(SOM)
intrusion detection
Genetic Algorithm(GA)
anomaly detection