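Affiliation: [1] College of Electronic and Electrical Engineering, Shanghai University of Engineering Science, Shanghai 201620
Source: Computer Engineering & Science (《计算机工程与科学》), 2012, No. 2, pp. 13-18, 6 pages
Funding: Shanghai Municipal Education Commission Scientific Research Innovation Project (09YZ370); Shanghai University of Engineering Science Science and Technology Development Fund Project (2011XY16)
Abstract: To improve the performance of intrusion detection systems, feature extraction is commonly used to reduce the initial data, which lightens the system's processing load and raises detection speed. This paper first uses rough set theory to give a formal description of the intrusion detection system, discretizes continuous numerical attributes with information entropy as the measure, extracts the attribute features for intrusion detection through knowledge reduction, and controls the feature reduction process with information gain. This effectively eliminates redundant features, reduces the system's processing load and improves the timeliness of detection. Experiments confirm that the proposed method shortens the system's training time for typical attacks such as PROBING and DoS by 2.8 and 3.2 times respectively, and raises detection speed by 3.3 and 3.8 times respectively.
English abstract: In order to improve the performance of intrusion detection systems, the initial data are usually preprocessed by feature extraction so as to reduce the payload of the system and increase its detection speed. At first the rough set theory is used to give a formal description of the intrusion detection systems. Information entropy is applied to the discretization of continuous numerical attributes. Attribute features for intrusion detection are extracted by knowledge reduction. Information gain is used to control the reduction procedure of attribute features. The redundant features are eliminated effectively. The processing payload of the system is reduced and its detection effect is improved. The experiments justify that the proposed method reduces the training time of the system for the typical attacks DoS and PROBING by 2.8 and 3.2 times. The detection speed of the system for the two attacks is increased by 3.2 and 4.5 times.
Classification No.: TP393.08 [Automation and Computer Technology - Computer Application Technology]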