Research on Network Intrusion Detection Based on Rough Sets and Outlier Mining
Topic: rough sets. Focus: data completion. Source: Qingdao University of Science and Technology, 2014 master's thesis
[Abstract]: With the rapid spread and wide use of the Internet, network security problems have become increasingly serious. In recent years intrusion detection, as one of the main technologies for maintaining network security, has received wide attention. However, existing intrusion detection systems still have many problems: for example, their detection accuracy is low while their false alarm rate remains high. In addition, they cannot detect new attacks in real time. One of the main causes of these problems is that existing intrusion detection methods do not take into account the uncertainty and incompleteness inherent in an intrusion detection system. The network environment that an intrusion detection system faces is relatively open and complex, so the system is characterized by uncertainty and incompleteness. Existing intrusion detection methods, however, usually assume that the raw data they process is certain and complete, and they lack an effective mechanism for handling uncertain and incomplete data.
To handle the uncertainty and incompleteness of intrusion detection systems effectively, this thesis uses rough set theory to represent and process the uncertain and incomplete data in such systems, and combines rough sets with outlier mining to detect intrusions. For the uncertain and incomplete data in intrusion detection systems, we propose two data preprocessing algorithms based on rough set theory: a data completion algorithm based on relative decision entropy and weighted similarity, and an attribute reduction algorithm based on approximate decision entropy. Building on these two preprocessing algorithms, we further propose an intrusion detection method based on outlier mining, and thereby construct a new intrusion detection model. The model can effectively handle the uncertain and incomplete data in intrusion detection systems, and so can to some extent solve the problems of existing intrusion detection systems.
The work of this thesis mainly covers the following aspects:
(1) A rough set data completion algorithm based on relative decision entropy and weighted similarity. To address the problems of existing rough set data completion methods, this thesis proposes a new concept of weighted similarity and uses relative decision entropy to compute attribute significance, and from these designs a rough set data completion algorithm based on relative decision entropy and weighted similarity. We verify the effectiveness of the algorithm on real data sets.
(2) An attribute reduction algorithm based on approximate decision entropy. To address the problems of existing attribute reduction algorithms based on information entropy, this thesis proposes approximate decision entropy, a new information entropy model, and designs a new attribute reduction algorithm based on it. We ran experiments on multiple UCI data sets; compared with traditional algorithms, our algorithm obtains smaller reducts and higher classification accuracy, and has lower computational overhead.
(3) An intrusion detection method based on outlier mining. We improve the traditional distance-based outlier detection algorithm and apply it to intrusion detection. Because the traditional distance-based outlier detection algorithm cannot handle discrete attributes effectively, this thesis proposes a distance metric for discrete attributes based on rough set theory, and designs a corresponding outlier detection algorithm. By treating intrusions as outliers, we apply the proposed outlier detection algorithm to intrusion detection and obtain a new unsupervised intrusion detection method. We use the KDD Cup99 data set, which is widely used in the intrusion detection field, to verify the effectiveness of the method; compared with traditional methods, the proposed method has better intrusion detection performance.
[Degree-granting institution]: Qingdao University of Science and Technology
[Degree level]: Master's
[Year degree granted]: 2014
[Classification number]: TP393.08
Article ID: 1713477
Article link: http://sikaile.net/guanlilunwen/ydhl/1713477.html