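Research and Simulation of an Intrusion Detection System Based on Support Vector Machines
Published: 2018-06-18 05:07
Topics: network security + intrusion detection; Source: Beijing University of Posts and Telecommunications, 2014 master's thesis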
[Abstract]: In recent years, with the rapid development of computer technology and the Internet, the volume of network information has grown explosively. While fast-moving information technology has brought convenience, it has also left behind hard network security problems. As network capacity and the number of Internet users have grown, network intrusion incidents of every kind keep emerging and show signs of intensifying. Many security technologies have been proposed in response. Among them, intrusion detection, a security technology that can turn passive defense into active interception, is becoming a hot research direction.
However, traditional intrusion detection is mainly an expert knowledge system based on rule matching. Its matching patterns must be updated by hand, which is expensive and inefficient, and it performs poorly against new intrusion methods. To overcome this weakness, a large number of intrusion detection techniques based on machine learning have appeared. Machine learning methods can train directly on the massive audit data that has been collected and generate detection models automatically, greatly improving the efficiency of an intrusion detection system.
Among the many machine learning methods, the support vector machine (SVM) stands out for its good classification performance on small-sample, high-dimensional data and has become a research focus in recent years. This thesis studies intrusion detection based on support vector machines. The main work is as follows:
Building on a detailed discussion of statistical learning theory, the theoretical foundation of support vector machines, the thesis first proposes an intrusion detection system based on the twin support vector machine, analyzes each module of the system in detail, and implements each module in simulation. In particular, to solve the parameter selection problem of the twin support vector machine, a parameter selection algorithm for the twin support vector machine is proposed. In addition, so that raw audit data without class labels can be processed directly, an intrusion detection system based on the one-class support vector machine is also proposed. To evaluate the detection performance of the proposed systems, experiments are run on the KDD'99 data set, which is widely used in the intrusion detection field, and the results are compared with the latest research. The final experimental results show that the proposed intrusion detection system based on the twin support vector machine improves the detection rate in all four major attack categories, with the improvement most pronounced for attacks with few samples, and achieves the highest overall detection rate. The system based on the one-class support vector machine is also able to handle unlabeled data sets effectively.
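[Degree-granting institution]: Beijing University of Posts and Telecommunications
[Degree level]: Master's
[Year degree granted]: 2014
[Classification number]: TP393.08;TP18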