本文選題：網(wǎng)絡(luò)入侵檢測(cè) + 單類支持向量機(jī)��； 參考：《暨南大學(xué)》2014年碩士論文

【摘要】：基于異常的網(wǎng)絡(luò)入侵檢測(cè)技術(shù)是一種重要的網(wǎng)絡(luò)安全技術(shù)，而基于SVM的入侵檢測(cè)技術(shù)是一個(gè)重要的研究方向。然而，現(xiàn)有的基于SVM的入侵檢測(cè)技術(shù)存在漏報(bào)率高、訓(xùn)練時(shí)間長(zhǎng)以及對(duì)未知入侵?jǐn)?shù)據(jù)檢測(cè)能力差的問題。 為緩解上述問題，，本文提出一種新的基于單類支持向量機(jī)(OCSVM)的網(wǎng)絡(luò)入侵檢測(cè)技術(shù)OCSVM-PSO。此技術(shù)將基于異常的網(wǎng)絡(luò)入侵檢測(cè)問題當(dāng)作一個(gè)二分類問題，其目標(biāo)是將數(shù)據(jù)樣本分成兩類，一類是正常的數(shù)據(jù)，另一類是異常的數(shù)據(jù)、即代表的入侵的數(shù)據(jù)（而忽略入侵的類型）。此技術(shù)的特點(diǎn)如下：1、通過利用主成分分析方法消除數(shù)據(jù)集的冗余屬性，提取數(shù)據(jù)集中的主要屬性，從而對(duì)數(shù)據(jù)集進(jìn)行降維。2、通過利用粒子群優(yōu)化算法(PSO)對(duì)向量機(jī)的核函數(shù)中的參數(shù)選擇過程進(jìn)行優(yōu)化，獲得單類向量機(jī)的最優(yōu)參數(shù)。本課題實(shí)現(xiàn)了上述技術(shù)，并對(duì)其進(jìn)行實(shí)驗(yàn)研究：首先使用此技術(shù)所選擇的最佳參數(shù)設(shè)定向量機(jī)以訓(xùn)練入侵檢測(cè)模型，然后利用預(yù)測(cè)數(shù)據(jù)集來檢驗(yàn)?zāi)Ｐ偷穆﹫?bào)率和對(duì)未知入侵的檢測(cè)率。實(shí)驗(yàn)結(jié)果表明：與基于多類向量機(jī)的入侵檢測(cè)技術(shù)和基于遺傳算法優(yōu)化的單類向量機(jī)的入侵檢測(cè)技術(shù)相比，本文所提出的方法能夠降低漏報(bào)率、減少訓(xùn)練時(shí)間、并能發(fā)現(xiàn)更多的未知入侵?jǐn)?shù)據(jù)。
[Abstract]:Anomaly based network intrusion detection technology is an important network security technology, and intrusion detection technology based on SVM is an important research direction. However, the existing intrusion detection technology based on SVM has the problems of high leakage rate, long training time and poor detection ability of unknown intrusion data.
In order to alleviate the above problems, a new network intrusion detection technology based on single class support vector machine (OCSVM) is proposed in this paper OCSVM-PSO.. The technology based on abnormal network intrusion detection is considered as a two classification problem. The goal is to divide the data into two classes, one is normal data, the other is abnormal, that is, the representative of the network intrusion detection problem. The characteristics of the intrusion are as follows: 1, by using the principal component analysis method to eliminate the redundant attributes of the data set and extracting the main attributes of the data set, the data set is reduced by.2, and the parameter selection process in the kernel function of the vector machine is carried out by using the particle swarm optimization algorithm (PSO). Optimization, the optimal parameters of a single class vector machine are obtained. This topic realizes the above technology and carries out an experimental study. First, the best parameter set by this technique is used to train the intrusion detection model, and then the prediction data set is used to test the failure rate of the model and the detection rate of the unknown intrusion. The experimental results show that: Compared with the intrusion detection technology based on multi class vector machines and the single class vector machine based on genetic algorithm, the proposed method can reduce the false alarm rate, reduce the training time, and find more unknown intrusion data.

【學(xué)位授予單位】：暨南大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2014
【分類號(hào)】：TP393.08

【相似文獻(xiàn)】

相關(guān)期刊論文 前10條

1 劉奇有,程思遠(yuǎn);淺談網(wǎng)絡(luò)入侵檢測(cè)技術(shù)[J];電信工程技術(shù)與標(biāo)準(zhǔn)化;2003年08期

2 袁暉;;網(wǎng)絡(luò)入侵檢測(cè)的技術(shù)難點(diǎn)研究[J];網(wǎng)絡(luò)安全技術(shù)與應(yīng)用;2006年06期

3 王宏偉;;關(guān)聯(lián)規(guī)則挖掘技術(shù)在網(wǎng)絡(luò)入侵檢測(cè)中的應(yīng)用[J];黃石理工學(xué)院學(xué)報(bào);2006年03期

4 王丁;李向宏;運(yùn)海紅;;對(duì)網(wǎng)絡(luò)入侵檢測(cè)的評(píng)估模型[J];應(yīng)用能源技術(shù);2006年05期

5 周荃;王崇駿;王s

本文編號(hào)：1849578