Application Research of Computers (《计算机应用研究》)

Feature selection based approach to network intrusion detection (基于特征选择的网络入侵检测方法)

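Authors Dai Yuanfei (戴远飞), Chen Xing (陈星), Chen Hong (陈宏), Ye Jing (叶靓), Lin Junxin (林俊鑫), Guo Wenzhong (郭文忠)
Affiliations 1. College of Mathematics & Computer Science, Fuzhou University, Fuzhou 350108; 2. Fujian Provincial Key Laboratory of Network Computing & Intelligent Information Processing, Fuzhou 350108; 3. State Grid ICT Yili Technology Co., Ltd, Fuzhou 350003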
Article ID 1001-3695(2017)08-2429-05
DOI 10.3969/j.issn.1001-3695.2017.08.043
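Abstract To address the problem that redundant or noisy features in existing intrusion detection algorithms reduce the accuracy of the detection model and lengthen training time, this paper introduces feature selection algorithms into the field of intrusion detection and proposes a feature selection based intrusion detection method. Different discretization and feature selection algorithms are used to generate multiple distinct optimal feature subsets, each feature subset is normalized, and a classification algorithm is used to learn a model from the extracted features. Experiments compare the method with intrusion detection methods based on traditional algorithms (decision tree, naive Bayes, support vector machine); the results show that the method effectively improves attack detection accuracy and reduces model training time.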
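Keywords intrusion detection; feature selection; machine learning
Funding National Natural Science Foundation of China (61402111)
Fujian Major Science and Technology Project (2015H6013)
Xiamen Major Science and Technology Program Project (3502Z20151010)
Article URL http://www.arocmag.com/article/01-2017-08-043.html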
Authors (English) Dai Yuanfei, Chen Xing, Chen Hong, Ye Jing, Lin Junxin, Guo Wenzhong
Affiliations (English) 1. College of Mathematics & Computer Science, Fuzhou University, Fuzhou 350108, China; 2. Fujian Provincial Key Laboratory of Network Computing & Intelligent Information Processing, Fuzhou 350108, China; 3. State Grid ICT Yili Technology Co., Ltd, Fuzhou 350003, China
English abstract Intrusion detection systems deal with huge amounts of data containing redundant and noisy features, which cause poor detection rates and slow training. This paper introduces feature selection algorithms into the field of intrusion detection and puts forward an intrusion detection method based on feature selection. It uses different discretization and feature selection algorithms to extract multiple distinct optimal feature subsets, normalizes each extracted feature subset, and finally applies a classification algorithm to build a model. Compared with traditional algorithms (decision tree, naive Bayes, support vector machine), the experimental results demonstrate that the approach effectively improves attack detection precision and reduces training time.
Keywords (English) intrusion detection; feature selection; machine learning
Received 2016/5/31
Revised 2016/7/14
Pages 2429-2433
CLC number TP393.08
Document code A