计算机应用 ›› 2010, Vol. 30 ›› Issue (05): 1202-1205.

• 信息安全 • 上一篇    下一篇

基于粗糙集理论与核匹配追踪的入侵检测

唐继勇1,宋华2,孙浩2,邓亚平3   

  1. 1. 重庆电子工程职业学院
    2. 重庆邮电大学
    3. 重庆邮电大学计算机科学与技术学院
  • 收稿日期:2009-12-01 修回日期:2009-12-28 发布日期:2010-05-04 出版日期:2010-05-01
  • 通讯作者: 唐继勇
  • 基金资助:
    重庆邮电大学自然科学基金资助项目

Intrusion detection based on rough set theory and kernel matching pursuit

  • Received:2009-12-01 Revised:2009-12-28 Online:2010-05-04 Published:2010-05-01
  • Contact: tang jiyong

摘要: 提出一种将粗糙集理论与核匹配追踪算法结合起来的入侵检测方法,利用粗糙集理论在处理大数据量、消除冗余信息等方面的优势,减少机器训练数据,克服支持向量机(SVM)等算法因为数据量大而处理速度慢的缺点。同时,借助核匹配追踪良好的分类识别性能,并对每个样本作出不同的重要性定义,对粗糙集约筒后的最小属性子集进行分类,实现入侵检测的快速、高分类精度和高检测率。实验结果表明,该方法优于单纯采用粗糙集或人工免疫的方法。

关键词: 入侵检测, 粗糙集理论, 核匹配追踪, 机器学习

Abstract: An intrusion detection method combinding Rough Set (RS) theory and Kernel Matching Pursuit (KMP) algorithm was proposed. In virtue of the ability that rough set can decrease the amount of data and get rid of redundancy, the proposed method could reduce the amount of machine training data, and overcome the disadvantage of slow processing speed because of large amount data in Support Vector Machine (SVM) algorithms. Meanwhile, KMP algorithm, with the help of good classification and recognition, made a different definition of importance on each sample, so that the core of property set could be classified, and intrusion detection could be realized rapidly with high classification accuracy and high detection rate and so on. The experimental results show that this method is better than the method based on RS only and the method based on Artificial Immune (AI).

Key words: intrusion detection, rough set theory, Kernel Matching Pursuit (KMP), machine learning