检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
机构地区:[1]华东理工大学信息科学与工程学院,上海200237
出 处:《华东理工大学学报(自然科学版)》2006年第3期321-326,共6页Journal of East China University of Science and Technology
基 金:国家自然科学基金项目(69974014);教育部高校博士点基金项目(20040251010)
摘 要:提出一种新颖的基于特征抽取的异常检测方法,应用主分量分析(PCA)和核主分量分析(KPCA)抽取入侵特征,再应用支持向量机(SVM)检测入侵。其中PCA对输入特征做线性变换,而KPCA通过核函数进行非线性变换。利用KDD 99数据集,将PCA-SVM、KPCA-SVM与SVM、PCR、KPCR进行比较,结果显示:在不降低分类器性能的情况下,特征抽取方法能对输入数据有效降维。在各种方法中,KPCA与SVM的结合能得到最优入侵检测性能。Feature selection and feature extraction are two kinds of dimensionality reduction techniques to boost classifiers' performance. Very little work on feature extraction is taken in the field of network anomaly detection. This paper applies principal component analysis (PCA) and kernel prncipal component analysis(KPCA) to network intrusion feature extraction. The extracted features are employed by SVM for classification. PCA linearly transforms the original inputs into new uncorrelated features while KPCA is an nonlinear generalization of the linear PCA using the kernal method. The MIT's KDD Cup 99 dataset is used to evaluate these feature extraction methods, and classification performances achieved by SVM with PCA and KPCA feature extraction are compared with those obtained by principal component regression (PCR) and kernel principal component regression(KPCR) classification methods and by SVM without application of feature extraction. The results clearly demonstrate that feature extraction can greatly reduce the dimensionality of feature space witout degrading the claaifiers' performance. Among these methods, the best performance is achieved by SVM using only the first four principal components cxtracted by KPCA.
关 键 词:异常检测 特征抽取 主分量分析(PCA) 核主分量分析(KPCA) 支持向量机 (SVM)
分 类 号:TP393[自动化与计算机技术—计算机应用技术] TP18[自动化与计算机技术—计算机科学与技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.222