设为首页 联系我们 加入收藏

当前位置: 网站首页 期刊分类目录 2013第5期 正文

基于支持向量机和遗传算法融合的入侵检测

作者:时间:2014-06-11点击数:

全文下载:2013050532

张飞, 张得生

(黄淮学院 信息工程学院,河南  驻马店 463000)

摘要: 为了研究网络异常入侵检测问题,将支持向量机(SVM)和遗传(GA)算法融合并应用于入侵检测领域,区分正常和异常的用户行为,实现对网络系统的入侵检测。传统SVM算法易产生训练参数选择不当,难以获得较高的检测效率和分类精度等问题。针对此问题,提出了一种优化的基于SVM-GA融合的入侵检测方法,首先对网络入侵数据进行归一化处理简化输入,然后通过遗传算法对SVM训练参数进行同步优化,最后采用SVM算法对网络数据进行检测,分类识别得到网络入侵结果。仿真实验结果表明,该融合算法训练时间短、检测精度高、误报率和漏报率低,是一种有效可行的入侵检测方法。

关键词: 异常入侵检测; 支持向量机; 遗传算法; 归一化处理

中图分类号:  TP 393文献标志码: A

Network Intrusion Detection Based on the Integration of SVM and Genetic Algorithm

ZHANG Fei, ZHANG De-sheng

(School of Information Engineering, Huanghuai University,  Zhumadian  463000,China)

Abstract: The purpose of this paper is to do research on the problems of network intrusion detection. Integration of the SVM and GA algorithms are applied to the intrusion detection field to distinct the normal and abnormal user behaviors, for network intrusion detection system. Traditional SVM algorithm is easy to produce the inappropriate choice of training parameters, which is difficult to obtain high detection efficiency and classification accuracy. In response to these problems, we propose a SVM-GA based optimization of the integration of intrusion detection, which firstly normalizes the network intrusion data to simplify the input, then optimizes SVM training parameters simultaneously with the genetic algorithm, and finally detects network intrusion making the use of SVM algorithm to achieve the classification and reorganization results. Simulation results show that the fusion algorithm have shorter training time, higher accuracy, lower false positive and false negative rate, which is a feasible and effective network intrusion detection method.

Key words:intrusion detection; support vector machine; genetic algorithm; normalization processing

收稿日期:2012-09-20

基金项目: 河南省科技攻关项目(122102210510).

作者简介: 张飞(1974—),男,硕士.

Copyright © 2011-2017 青岛科技大学学报 (自然科学版)