Intrusion Detection Model Based on Distributed Integrated Learning

Authors: XIE Yu-xin; LIU Yan-heng; ZHU Jian-qi; SUN Xin; FU Feng. Journal: Computer Engineering (计算机工程). Uploaded by: 秦普学

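【Abstract】To address the high false negative rate and high false positive rate of intrusion detection systems, a hybrid intrusion detection model is proposed. The model constructs two feature extractors, one based on Kernel Principal Component Analysis (KPCA) and one based on Kernel Independent Component Analysis (KICA), and uses ensemble learning to integrate the feature extraction results. A distributed neural network then re-learns the ensemble results, which allows large-scale data to be processed in a distributed manner. A feedback mechanism adjusts the ensemble learning weights of KPCA and KICA to reach the optimal detection performance. Test experiments on the KDD CUP’99 dataset show that the model achieves a high detection accuracy together with a low false negative rate and a low false positive rate.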

Keywords: intrusion detection; ensemble; Kernel Principal Component Analysis; Kernel Independent Component Analysis; distributed neural network

Intrusion Detection Model Based on Distributed Integrated Learning

XIE Yu-xin a,b, LIU Yan-heng a,b, ZHU Jian-qi a,b, SUN Xin a,b, FU Feng a,b

(a. College of Computer Science and Technology; b. Key Laboratory of Symbolic Computation and Knowledge Engineering of Ministry of Education, Jilin University, Changchun 130012, China)

【Abstract】A hybrid intrusion detection model is presented against the high false positive and false negative rate in Intrusion Detection System (IDS). This model constructs two feature extractors based on Kernel Principal Component Analysis (KPCA) and Kernel Independent Component Analysis (KICA), and uses a novel ensemble approach to learn the results produced by the extractors. It has the capacity to process large-scale data by using a distributed neural network to learn the ensemble results, and obtains the optimal detection result by means of feedback regulation that changes the ensemble learning weight. KDD CUP’99 is adopted in the experiment, and the result shows the model gets a lower false negative rate and false positive rate besides a higher accuracy.

【Key words】intrusion detection; in
