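Authors: Tang Wan [1], Yang Ximin [2], Xie Xia [2], Cao Yang [1,3]
Affiliations: [1] School of Electronic Information, Wuhan University, Wuhan 430074, Hubei; [2] School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan 430074, Hubei; [3] State Key Laboratory of Software Engineering, Wuhan University, Wuhan 430070, Hubei
Source: Journal of Huazhong University of Science and Technology (Natural Science Edition), 2008, No. 11, pp. 60-63 (4 pages)
Funding: National Key Basic Research Program of China (2004CB318203); National Natural Science Foundation of China (60603008, 60603074)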
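Abstract: To address the large time and space overhead of the evolution process and the high false alarm rate of network intrusion detection based on evolutionary computation, intrusion detection rules are represented in gene expression programming (GEP) form, a constraint grammar for GEP intrusion detection rules is proposed, and the basic GEP evolution flow is improved by adding a rule-constraint check and handling step, so that the generated intrusion detection rules satisfy the constraints. Finally, the strategy is evaluated on KDD CUP'99 DATA: the generated rules need only 2 network attributes, and on the test set the detection rate is 89.79% and the false alarm rate is 0.41%. The experimental results show that, with a small population and few evolution generations, the rules obtained through the GEP rule constraints and evolution strategy are effective and concise, can detect unknown intrusions, and achieve a low false alarm rate while keeping a high detection rate.
Abstract (journal's English version): The large time and memory space requirement during training data preprocessing and evolution, and the high false alarm rate, are major drawbacks of network intrusion detection techniques based on evolutionary computation. The intrusion detection rules were represented using gene expression programming (GEP). A formal definition of a rule constraint grammar for GEP-based intrusion detection rules was proposed. In order to generate constraint-satisfied rules, rule constraint judgement and processing were added into the basic GEP evolution process. Finally, the KDD CUP'99 DATA was used for evaluation. In the test set, the probability of detection is 89.79% and the false alarm rate is 0.41%. The results indicate that the rules can be generated in small populations and fewer evolution generations through the proposed constraint and evolution strategy. The rules are effective, simple, and capable of detecting unknown intrusions. The false alarm rate is low while the high probability of detection is maintained.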
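Keywords: network; intrusion detection; evolutionary computation; gene expression programming; rule constraint; constraint grammar
Classification: TP393 [Automation and Computer Technology: Computer Application Technology]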