计算机应用 ›› 2015, Vol. 35 ›› Issue (10): 2883-2885.DOI: 10.11772/j.issn.1001-9081.2015.10.2883

• 信息安全 • 上一篇    下一篇

基于决策树与朴素贝叶斯分类的入侵检测模型

姚潍, 王娟, 张胜利   

  1. 深圳大学 信息工程学院, 广东 深圳 518000
  • 收稿日期:2015-04-02 修回日期:2015-07-27 出版日期:2015-10-10 发布日期:2015-10-14
  • 通讯作者: 王娟(1979-),女,广东深圳人,副教授,博士,主要研究方向:无线通信网,juanwang@szu.edu.cn
  • 作者简介:姚潍(1990-),男,湖北黄冈人,硕士研究生,主要研究方向:无线通信网;张胜利(1978-),男,广东深圳人,副教授,博士,主要研究方向:物理层网络编码。
  • 基金资助:
    国家自然科学基金资助项目(61372078)。

Intrusion detection model based on decision tree and Naive-Bayes classification

YAO Wei, WANG Juan, ZHANG Shengli   

  1. College of Information Engineering, Shenzhen University, Shenzhen Guangdong 518000, China
  • Received:2015-04-02 Revised:2015-07-27 Online:2015-10-10 Published:2015-10-14

摘要: 入侵检测要求系统能够快速准确地找出网络中的入侵行为,因此对检测算法的效率有较高的要求。针对入侵检测系统效率和准确率偏低,系统的误报率和漏报率偏高的问题,在充分分析C4.5算法和朴素贝叶斯(NB)算法后,提出一种二者相结合的H-C4.5-NB入侵检测模型。该模型以概率的形式来描述决策类别的分布,并由C4.5和NB概率加权和的形式给出最终的决策结果,最后使用KDD 99数据集测试模型性能。实验结果表明,与传统的C4.5、NB和NBTree方法相比,在H-C4.5-NB中对拒绝服务(DoS)攻击的分类准确率提高了约9%,对U2R和R2L攻击的准确率提高约20%~30%。

关键词: 入侵检测, 决策树, 朴素贝叶斯, 概率加权和

Abstract: Intrusion detection requires the system to identify network intrusions quickly and accurately, so it also requires high efficiency of the detection algorithm. In order to improve the efficiency and accuracy of intrusion detection system, and reduce the rate of false positives and false negatives, a H-C4.5-NB intrusion detection model combined C4.5 with Naive Bayes (NB) was proposed after fully analyzing the C4.5 and NB algorithm. The distribution of decision category was described in the form of probability in this model, and the final decision results were given in the form of C4.5 and NB probability weighted sum. Finally the performance of the model was tested by KDD 99 data set. The experimental results showed that the accuracy of Denial of Service (DoS) was improved about 9% and the accuracy of U2R and R2L was improved about 20%-30% in H-C4.5-NB compared to the traditional methods such as C4.5, NB and NBTree.

Key words: intrusion detection, Decision Tree (DT), Naive Bayes (NB), probability weighted sum

中图分类号: