摘要
精准且快速地识别异常用户行为是入侵检测系统(IDS)的重要任务。针对入侵检测数据维度高、样本量大的问题,提出了基于变精度覆盖粗糙集的相关族属性约简方法,并将其运用至入侵检测数据中。首先,基于覆盖决策表生成条件属性的变精度相关族;然后,在所有条件属性变精度相关族的基础上利用启发式算法求得决策表的属性约简;最后,在上述的基础上结合分类器对入侵检测数据进行检测。实验结果表明,所提方法具有计算属性约简时间短的优点,在大样本数据集上,基于模糊粗糙集依赖度的属性约简算法NFRS运行所需时长为该算法的96倍。在入侵检测数据集NSL-KDD上,该方法可快速识别关键属性,剔除无效信息,其整体准确率可达到90.53%,且对Normal的识别准确率可达到97%。
It is an important task for an Intrusion Detection System(IDS)to identify abnormal user behaviors accurately and quickly.In order to solve the problems of high dimensionality and large sample size of intrusion detection data,a related family attribute reduction method based on variable precision covering rough set was proposed,and was applied to the intrusion detection data.Firstly,the variable precision related families with condition attributes were generated based on the covering decision table.Then,a heuristic algorithm was used to obtain the attribute reduction of the decision table based on all the variable precision related families with condition attributes.Finally,the intrusion detection data was detected by combining with the classifier on the above basis.Experimental results show that,the proposed method has the low time complexity of calculating attribute reduction,and on large sample datasets,the running time of attribute reduction algorithm named Neighborhood Fuzzy Rough Sets(NFRS)based on fuzzy rough set dependency is 96 times of that of the proposed method.On the NSL-KDD dataset,the proposed method can identify key attributes quickly,eliminate invalid information,and has the overall accuracy reached 90.53%and the accuracy of Normal reached 97%.
作者
欧彬利
钟夏汝
代建华
杨田
OU Binli;ZHONG Xiaru;DAI Jianhua;YANG Tian(School of Logistics and Transportation,Central South University of Forestry and Technology,Changsha Hunan 410004,China;Hunan Provincial Key Laboratory of Intelligent Computing and Language Information Processing(Hunan Normal University),Changsha Hunan 410081,China)
出处
《计算机应用》
CSCD
北大核心
2020年第12期3465-3470,共6页
journal of Computer Applications
基金
国家自然科学基金资助项目(11201490,61976089)
中国博士后科学基金资助项目(2017T100795)
湖南省自然科学基金资助项目(2017JJ2408)
湖南省重点研发计划项目(2018SK2129)
长沙市杰出创新青年培养计划项目(kq1905031)。
关键词
粗糙集
变精度覆盖粗糙集
属性约简
相关族
入侵检测
rough set
variable precision covering rough set
attribute reduction
related family
intrusion detection
