本文選題：無線傳感器網(wǎng)絡　切入點：支持向量機　出處：《中國計量學院》2014年碩士論文

【摘要】：近些年來，網(wǎng)絡入侵方法層出不窮，而對節(jié)點能量和處理能力有限的無線傳感器網(wǎng)絡而言，其入侵手段更是防不勝防。針對WSN中常出現(xiàn)的Hello洪泛攻擊、黑洞攻擊、選擇性轉發(fā)攻擊、DoS攻擊和Sybil攻擊，本文提出了基于聚類與SVM多分類的糾錯輸出編碼算法，該算法可以在較低時間復雜度的基礎上有效地檢測出以上攻擊中的兩種，為攻擊的誤用檢測提供了有效的途徑。本文所做的工作以及研究成果如下： （1）在構造改進型H-ECOC-SVM糾錯輸出編碼矩陣時，同時引入了Hadamard編碼和稀疏型隨機編碼兩種思想，為了增強編碼矩陣的可用性和入侵檢測的準確性，在對編碼矩陣進行構造時考慮到了各列間的相關性以及各行間的漢明距離等影響因素，使各列間互不相關、各行間的最小漢明距離盡可能最大，來滿足SVM分類器的訓練要求，為構建最優(yōu)SVM二分類器奠定了良好的理論基礎。 （2）在分類器的構建方面，采用網(wǎng)格搜索和五折交叉驗證法進行核參數(shù)和懲罰參數(shù)的求取，并根據(jù)H-ECOC-SVM矩陣的編碼規(guī)則，把一個多類分類問題分解為多個兩類問題來進行求解，，這種方法不僅減小了需要求取的分類器參數(shù)的個數(shù)，而且簡化了單個分類器的訓練模型，為多類攻擊的檢測帶來了較大的便利。 （3）在特征提取之前，首先使用聚類算法對測試數(shù)據(jù)集進行一個初始的攻擊檢測，在不存在攻擊的情況下，該方法節(jié)省了一定的時間和能量消耗。PCA分析法在對訓練和測試數(shù)據(jù)進行主成分分析時，對特征向量的數(shù)據(jù)維數(shù)進行了分析提取，該過程減少了分類器的運算時間和工作量，滿足了入侵檢測對時間復雜度的要求。 （4）對Hello洪泛攻擊、黑洞攻擊、選擇性轉發(fā)攻擊、DoS攻擊和Sybil攻擊進行檢測時，實現(xiàn)了三種攻擊的檢測率在90%以上，兩種攻擊的漏報率在5%以下，檢測時間代價平均維持在0.1s以下的檢測水平，在有效地進行WSN入侵檢測中具有一定的實際參考價值。
[Abstract]:In recent years, network intrusion methods emerge in endlessly, but for wireless sensor networks with limited node energy and processing capacity, the intrusion means are even more difficult to prevent.Aiming at Hello flooding attack, black hole attack, selective forward attack dos attack and Sybil attack in WSN, this paper proposes an error correction output coding algorithm based on clustering and SVM multi-classification.This algorithm can effectively detect two of the above attacks on the basis of low time complexity, which provides an effective way for the misuse detection of attacks.The work and results of this paper are as follows:In order to enhance the usability of coding matrix and the accuracy of intrusion detection, two ideas of Hadamard coding and sparse random coding are introduced in the construction of improved H-ECOC-SVM error correction output coding matrix.In order to meet the training requirements of SVM classifier, the correlation of each column and the hamming distance between rows are taken into account in the construction of the coding matrix.It lays a good theoretical foundation for constructing the optimal SVM binary classifier.In the construction of classifier, the kernel parameters and penalty parameters are obtained by grid search and 50% cross-validation. According to the coding rules of H-ECOC-SVM matrix, a multi-class classification problem is decomposed into two kinds of problems to solve.This method not only reduces the number of classifier parameters to be obtained, but also simplifies the training model of a single classifier, which makes the detection of multi-class attacks more convenient.(3) before feature extraction, the clustering algorithm is used to detect the initial attack on the test data set.This method saves a certain amount of time and energy consumption. PCA method can analyze and extract the dimension of the feature vector when the training and test data are analyzed by principal component analysis (PCA). The process reduces the operation time and workload of the classifier.The time complexity of intrusion detection is satisfied.In the detection of Hello flooding attack, black hole attack, selective forward attack dos attack and Sybil attack, the detection rate of three attacks is over 90%, and the missing rate of two attacks is less than 5%.The detection time cost is kept below 0.1 s on average, so it has some practical reference value in effective WSN intrusion detection.
【學位授予單位】：中國計量學院
【學位級別】：碩士
【學位授予年份】：2014
【分類號】：TP18;TP393.08

【參考文獻】

相關期刊論文 前7條

1 尹安容;謝湘;匡鏡明;;Hadamard糾錯碼結合支持向量機在多分類問題中的應用[J];電子學報;2008年01期

2 楊曉元;胡志鵬;魏立線;;分級結構Adaboost算法在無線傳感器網(wǎng)絡入侵檢測中的應用研究[J];傳感技術學報;2012年08期

3 陸虎;;基于PCA與屬性權重模糊聚類的入侵檢測方法[J];江蘇科技大學學報(自然科學版);2008年02期

4 張國印;孫瑞華;馬春光;朱華e

本文編號：1727248