Institution: [1] School of Computer Science and Technology, Wuhan University of Science and Technology, Wuhan 430065
Source: Journal of Computer Applications (《计算机应用》), 2012, No. 6, pp. 1632-1635, 1639 (5 pages)
Funding: Science and Technology Project of the Hubei Provincial Department of Education (D20101105)
Abstract: Research into network attack types and intrusion detection methods shows that commonly used intrusion detection methods do not detect U2R (User to Root) and R2L (Remote to Local) attacks well. To address the low detection rate of anomaly detection for these two attack classes, an anomaly detection model based on Support Vector Machine (SVM) and Bayesian classification is proposed. The model uses the BIRCH (Balanced Iterative Reducing and Clustering using Hierarchies) clustering algorithm to reduce duplicate records in the training data set, applies SVM classification to detect DoS and Probe attacks, and uses Bayesian classification to detect U2R and R2L attacks. Experimental results show that the model raises the detection rates for U2R and R2L to 68.6% and 45.7% respectively.
Keywords: anomaly detection; BIRCH clustering; Support Vector Machine; Bayesian classification; KDD99
Classification number: TP393.08 [Automation and Computer Technology: Computer Application Technology]