摘要
网络入侵检测系统存在着检测网络未知攻击困难、漏报率高、自身性能难以适应大规模网络数据的处理等缺点。在入侵检测过程中引入了一种大规模数据筛选算法,并对其进行改进,有效地进行了数据的约简,约简后的小样本数据应用于基于支持向量机的网络入侵检测系统中,使其能够在较短时间内处理大规模网络数据。实验结果表明,该改进算法能有效地筛选出边界向量,在很少降低检测精度的情况下有效地减少了检测模型的建立时间,从而提高了检测速度。
At present,defects of existing network intrusion detection system are low unknown attacks detection rate and high false negative rate.Performance can not adapt itself to large-scale network data.In the intrusion detection process,a large-scale data filter algorithm is introduced and improved.The algorithm reduces effectively data.Small samples data reduced are applied network intrusion detection system based on support vector machine and it can dispose large-scale network data in the short time.Experimental results indicate that the algorithm filters availably boundary vector,in such a case of detection accuracy reduced seldom,a building detection model is shortened and detection speed is improved.
出处
《计算机工程与设计》
CSCD
北大核心
2012年第2期488-492,共5页
Computer Engineering and Design
基金
辽宁省教育厅基金项目(2009B107)
关键词
支持向量机
网络入侵检测
数据筛选
检测模型
KDD99
support vector machine
network intrusion detection
data filter
detection model
knowledge discovery and data99
