一种基于有监督局部决策分层支持向量机的异常检测方法
doi: 10.3724/SP.J.1146.2010.00321
A Supervised Local Decision Hierachical Support Vector Machine Based Anomaly Intrusion Detection Method
-
摘要: 该文针对包含多种攻击模式的高维特征空间中的异常检测问题,提出了一种基于有监督局部决策的分层支持向量机(HSVM)异常检测方法。通过HSVM的二叉树结构实现复杂异常检测问题的分而治之,即在每个中间节点上,通过信息增益准则构建有监督学习所需的训练信号,监督局部决策;在每个嵌入中间节点的二分类支持向量机(SVM)的训练过程中,以局部决策边界对特征的敏感度为依据,选择入侵检测的局部最优特征子集。实验结果表明,该文提出的异常检测方法能够在训练信号的局部决策监督下构建具有良好稳定性的检测学习模型,并能以更精简的特征信息实现检测精确率和检测效率的提高。Abstract: This paper dedicates to propose a supervised local decision Hierachical Support Vector Machine (HSVM) learning model for anomaly intrusion detection in high dimensional feature space. The binary-tree structure of HSVM presents a divide-and-conquer algorithm for complex anomaly intrusion detection problem, i.e., the training signal for supervising local decision at each internal node is constructed according to information gain criterion. The embedded SVMs at internal node are trained on local optimized feature subsets standing on the sensitivity degrees of a margin to features. The experimental results suggest that the proposed anomaly intrusion detection method can gain learning model with better stability under the local decision supervisal of training signals. Further, it also achieves competitive detection accuracy and higher detection efficiency with condensed feature information.
-
计量
- 文章访问数: 3348
- HTML全文浏览量: 86
- PDF下载量: 751
- 被引次数: 0
下载:
