一种基于半监督GHSOM的入侵检测方法  被引量:23

A Method of Intrusion Detection Based on Semi-Supervised GHSOM

在线阅读下载全文

作  者:阳时来[1] 杨雅辉[1] 沈晴霓[1] 黄海珍[1] 

机构地区:[1]北京大学软件与微电子学院,北京102600

出  处:《计算机研究与发展》2013年第11期2375-2382,共8页Journal of Computer Research and Development

基  金:国家自然科学基金项目(61070237;61232005;61073156)

摘  要:基于神经网络的入侵检测方法是入侵检测技术的一个重要发展方向.在已有无监督生长型分层自组织映射(growing hierarchical self-organizing maps,GHSOM)神经网络算法的基础上,提出了一种半监督GHSOM算法.该算法利用少量有标签的数据指导大规模无标签数据的聚类过程.一方面借鉴cop-kmeans半监督机制,解决了原始算法中返回空划分的问题,并将其应用到GHSOM算法中.另一方面提出了神经元信息熵的概念作为子网生长的判断条件,提高了GHSOM网络子网划分的精度.此外还利用有标签的数据自动确定聚类结果的入侵类型.对KDD Cup 1999数据集和LAN环境下模拟产生的数据集进行的入侵检测实验表明:相比于无监督的GHSOM算法,半监督的GHSOM算法对各种类型的攻击具有较高的检测率.Network intrusion detection technology based on artificial neural network is an important research direction in intrusion detection area. This paper proposes a semi-supervised GHSOM (growing hierarchical self-organizing maps) neural network algorithm, in which the clustering process of large amount of unlabeled data is conducted by small amount of labeled data. On the one hand, the idea of semi-supervised cop-kmeans algorithm is introduced into the unsupervised GHSOM algorithm, and the problem on returning no result is solved in the semi-supervised GHSOM algorithm. On the other hand, the concept of neural entropy is proposed and used as the judgment condition of the neural network growth to improve precision of division of subnets of the neural network. Besides, the labeled data are also used to determine the intrusion type of nerve cells automatically. The network intrusion detection experiment results based on KDD Cup 1999 data set and the data set collected in LAN both show that the total detection rate of the network intrusion detection system through employing semi- supervised GHSOM algorithm is higher than the network detection rate of the intrusion detection system through employing unsupervised GHSOM algorithm.

关 键 词:入侵检测 半监督 生长型分层自组织映射 聚类 信息熵 

分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象