改进粗糙集属性约简结合K-means聚类的网络入侵检测方法  被引量:23

Network intrusion detection method based on improved rough set attribute reduction and K-means clustering

在线阅读下载全文

作  者:王磊 WANG Lei(Center of Information Development and Management,Soochow University,Suzhou Jiangsu 215006,China)

机构地区:[1]苏州大学信息化建设与管理中心,江苏苏州215006

出  处:《计算机应用》2020年第7期1996-2002,共7页journal of Computer Applications

基  金:国家自然科学基金青年科学基金资助项目(61802272)。

摘  要:面对日益复杂的网络环境,传统入侵检测方法误报率高、检测效率低,且存在优化过程中准确性和可解释性相互矛盾等问题,因此提出一种结合改进粗糙集属性约简和K-means聚类的网络入侵检测(IRSAR-KCANID)方法。首先基于模糊粗糙集属性约简对数据集进行预处理,优化异常的入侵检测特征;再利用改进K-means聚类算法估计入侵范围阈值,并对网络特征进行分类;然后根据用于特征优化的线性规范相关性,从所选择的最优特征探索特征关联影响尺度以形成特征关联影响量表,完成对异常网络入侵的检测。实验结果表明,特征优化聚类后的最小化测量特征关联影响量表能在保证最大预测精度的前提下,最小化入侵检测过程的复杂度并缩短完成时间。Under increasingly complex network environment,traditional intrusion detection methods have high false alarm rate,low detection efficiency and the contradiction between accuracy and interpretability in the optimization process.Therefore,an Improved Rough Set Attribute Reduction and optimized K-means Clustering Approach for Network Intrusion Detection(IRSAR-KCANID)was proposed.Firstly,the dataset was preprocessed based on the attribute reduction of fuzzy rough set in order to optimize the anomalous intrusion detection features.Then,the threshold of intrusion range was estimated by improved K-means clustering algorithm,and the network features were classified.After that,according to the linear canonical correlation used for feature optimization,the feature association impact scale was explored from the selected optimal features in order to form the table of feature association impact scale,and the detection of anomalous network intrusion was completed.The experimental results show that the minimum measured feature association impact scale table after feature optimization clustering can minimize the complexity of intrusion detection process and shorten the completion time on the premise of guaranteeing maximum prediction accuracy.

关 键 词:网络异常检测 改进粗糙集属性约简 改进K-means聚类 相关性分析 特征关联尺度 

分 类 号:TP391[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象