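Research on Intrusion Detection Based on Kernel Extreme Learning Machine and Particle Swarm Optimization
Topic: intrusion detection. Entry point: extreme learning machine. Source: Jiangsu University of Science and Technology, master's thesis, 2017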
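[Abstract]: Against the background of the big data era, how to keep the network environment secure has become a research focus for many scholars. Earlier security technologies such as digital encryption, firewalls and VPNs improved network security to some degree, but as intrusion methods keep advancing, complex and varied intrusion techniques can easily defeat them. In this situation, intrusion detection, proposed by network security practitioners, set off a new wave of network security research. Active, intelligent intrusion prevention systems (IPS) built on intrusion detection then emerged, effectively compensating for the inability of intrusion detection systems to detect and respond to attacks intelligently. This thesis studies the literature on intrusion detection algorithms in depth, analyzes some shortcomings of current intrusion detection systems, and proposes an intrusion detection algorithm based on the kernel extreme learning machine and particle swarm optimization that effectively improves the performance of intrusion detection systems. To address the high false alarm rate, slow convergence and weak generalization of intrusion detection algorithms based on the single-kernel extreme learning machine, the thesis proposes an improved particle swarm optimized multi-kernel extreme learning machine algorithm (PKELM). In this algorithm, a multi-kernel function is composed using the Mercer property of kernel functions, to overcome the poor robustness and low detection rate of single-kernel machines; the local search ability of the particle swarm algorithm is then improved by means such as Gaussian perturbation, and the algorithm is used to optimize the kernel parameters and the regularization factor of the multi-kernel extreme learning machine, improving its convergence speed and generalization ability. To deal with the huge volume of network data and its scattered feature distribution, the thesis also proposes a clustering algorithm based on improved particle swarm optimized K-Means (IPMeans). In this algorithm, the improved particle swarm algorithm optimizes the K-Means cluster centers to improve the clustering ability of K-Means; the algorithm is then applied to intrusion data to increase the degree of aggregation of similar records in the data set, so that the processed data is more easily recognized by the intrusion detection system, which improves the running speed of the detection system and its ability to handle massive data. Combining the optimized multi-kernel extreme learning machine with the optimized K-Means clustering, the thesis proposes an intrusion detection algorithm that joins improved particle swarm optimized K-Means with multi-kernel extreme learning machine theory (IPMeans-PKELM). This algorithm adds kernel parameter optimization and clustering of intrusion data to the intrusion detection algorithm based on the kernel extreme learning machine. The original intrusion detection algorithm has a low detection rate on high-dimensional complex data, and randomly setting the hidden-layer nodes of the KELM causes large errors in the detection results. To address these problems, IPMeans-PKELM introduces the IPMeans algorithm to cluster the intrusion data, which makes intrusion data more recognizable and speeds up recognition by the intrusion detection system; it also uses the improved particle swarm algorithm to optimize the multi-kernel parameters, which improves the generalization ability and detection rate of the intrusion detection system. Finally, the algorithm is evaluated in simulation experiments on KDD CUP99: the data processed by IPMeans is split by 10-CV and used to train and test the optimized multi-kernel extreme learning machine. The experimental results show that the algorithm effectively raises the detection rate and lowers the system's false alarm rate and missed alarm rate.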
[Abstract]: How to ensure the security of the network environment in the big data era has become a hot topic for many scholars. Previous security technologies, such as digital encryption, firewalls and VPNs, have improved network security performance to a certain extent. But with the continuous improvement of intrusion methods, complex and diversified intrusion techniques can easily break these earlier security technologies. In this situation, intrusion detection, proposed by network security workers, triggered a new wave of research on network security. Subsequently, active and intelligent intrusion prevention systems (IPS) based on intrusion detection came into being, effectively making up for the inability of intrusion detection systems to detect and deal with attacks intelligently. This thesis studies the literature on intrusion detection algorithms in depth and analyzes some shortcomings of current intrusion detection systems. An intrusion detection algorithm based on the kernel extreme learning machine and particle swarm optimization is proposed to improve the performance of intrusion detection systems. Because intrusion detection algorithms based on the single-kernel extreme learning machine have a high false positive rate, slow convergence and weak generalization ability, an improved particle swarm optimized multi-kernel extreme learning machine algorithm (PKELM) is proposed. In the algorithm, a multi-kernel function is synthesized using the Mercer property of kernel functions, in order to remedy defects of single-kernel machines such as poor robustness and low detection rate. The local search ability of the particle swarm optimization algorithm is then improved by means such as Gaussian perturbation, and the algorithm is used to optimize the kernel parameters and the regularization factor of the multi-kernel extreme learning machine, in order to improve its convergence speed and generalization ability.
At the same time, a clustering algorithm based on improved particle swarm optimized K-Means (IPMeans) is proposed to handle the large amount of network data and its discrete feature distribution. The improved particle swarm optimization algorithm is used to optimize the cluster centers of K-Means in order to improve the clustering ability of the K-Means algorithm. The algorithm is then used to process intrusion data and increase the degree of aggregation of similar data in the data set, so that the processed data is more easily identified by the intrusion detection system, which improves the running speed of the detection system and its ability to process massive data. Combining the optimized multi-kernel extreme learning machine with the optimized K-Means clustering, an intrusion detection algorithm that joins improved particle swarm optimized K-Means with multi-kernel extreme learning machine theory (IPMeans-PKELM) is proposed. On the basis of the intrusion detection algorithm based on the kernel extreme learning machine, this algorithm adds kernel parameter optimization and clustering of intrusion data. The original intrusion detection algorithm has a low detection rate on high-dimensional complex data, and randomly setting the hidden-layer nodes of the KELM causes large errors in the detection results. To address this, the IPMeans-PKELM algorithm introduces the IPMeans algorithm to cluster intrusion data, which increases the recognizability of intrusion data and improves the recognition speed of the intrusion detection system. At the same time, the improved particle swarm optimization algorithm is used to optimize the multi-kernel parameters, which improves the generalization ability and detection rate of the intrusion detection system.
Finally, simulation experiments on the algorithm are carried out in the KDD CUP99 environment: the data processed by IPMeans is split by 10-CV, and the optimized multi-kernel extreme learning machine is trained and tested on it. The experimental results show that the algorithm can effectively improve the detection rate and reduce the false alarm rate and missed alarm rate of the system.
[Degree-granting institution]: Jiangsu University of Science and Technology
[Degree level]: Master's
[Year degree granted]: 2017
[Classification number]: TP393.08; TP18
Article ID: 1681477
Article link: http://sikaile.net/guanlilunwen/ydhl/1681477.html