[1] Geng Xiachen, Li Qianmu, Ye Dezhong, et al. Intrusion detection algorithm based on rough weightily averaged one-dependence estimators[J]. Journal of Nanjing University of Science and Technology (Natural Science Edition), 2017, 41(04): 420. [doi:10.14177/j.cnki.32-1397n.2017.41.04.004]

Intrusion detection algorithm based on rough weightily averaged one-dependence estimators

Journal of Nanjing University of Science and Technology (Natural Science Edition) [ISSN: 1005-9830 / CN: 32-1397/N]

Volume:
41
Issue:
2017, No. 04
Pages:
420
Section:
Publication date:
2017-08-31

Article Info

Title:
Intrusion detection algorithm based on rough weightily averaged one-dependence estimators
Article ID:
1005-9830(2017)04-0420-08
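Authors:
Geng Xiachen1, Li Qianmu1, Ye Dezhong2, Wu Zhongzheng2, Jiang Yong2
1. School of Computer Science and Engineering, Nanjing University of Science and Technology, Nanjing 210094, Jiangsu; 2. Nanjing Research and Development Center, ZTE Corporation, Nanjing 320100, Jiangsu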
Author(s):
Geng Xiachen1, Li Qianmu1, Ye Dezhong1, Wu Zhongzheng2, Jiang Yong2
1. School of Computer Science and Engineering, Nanjing University of Science and Technology, Nanjing 210094, China; 2. Nanjing Research and Development Center, Zhongxing Telecommunication Equipment Corporation, Nanjing 320100, China
Keywords:
intrusion detection; rough set theory; attribute reduction; Bayesian theory; rough weightily averaged one-dependence estimators
Classification number:
TP391
DOI:
10.14177/j.cnki.32-1397n.2017.41.04.004
Abstract:
Intrusion detection, as an important direction of network security, is gaining more and more attention. A large number of traditional data mining algorithms have been applied to data analysis for intrusion detection. With increasing network bandwidth, the rapidly growing amount of data and the wide variety of protocol formats cause these traditional algorithms to encounter practical problems in intrusion detection, such as poor accuracy, low operating efficiency and difficulty of parameter selection. In this paper, we propose an intrusion detection algorithm called the rough weightily averaged one-dependence estimator, which is based on rough set theory and Bayesian theory. The algorithm uses rough-set-based attribute reduction to reduce the attributes of network data, and uses weightily averaged one-dependence estimators to classify the data. By combining these two methods, the algorithm performs intrusion detection with low resource consumption and is easy to implement. Experiments show that the algorithm has better operating efficiency and accuracy compared with traditional algorithms.


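Memo

Received: 2016-06-29. Revised: 2016-10-16. Funding: National Key R&D Program, Key Special Project for Intergovernmental International Science and Technology Innovation Cooperation (S2016G9070); Jiangsu Province Major R&D Program, Social Development Project (BE2017739); Jiangsu Province Major R&D Program, Industry Foresight Project (BE2017100); Fundamental Research Funds for the Central Universities (30916015104); CERNET Next Generation Internet Innovation Project (NGII20160122); ZTE Industry-University-Research Cooperation Forum Cooperation Project (2016ZTE04-11)
Author biography: Geng Xiachen (1992-), male, master's student, main research interests: data mining, information security, E-mail: 406354451@qq.com; Corresponding author: Li Qianmu (1979-), male, Ph.D., professor, main research interests: information security, data mining, E-mail: liqianmu@126.com.
Citation format: Geng Xiachen, Li Qianmu, Ye Dezhong, et al. Intrusion detection algorithm based on rough weightily averaged one-dependence estimators[J]. Journal of Nanjing University of Science and Technology, 2017, 41(4): 420-427.
Submission website: http://zrxuebao.njust.edu.cn
Last Update: 2017-08-31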