基于新的条件熵的入侵检测算法

基于新的条件熵的入侵检测算法
罗晓;于磊;罗谦
【期刊名称】《计算机技术与发展》
【年(卷),期】2011(021)008
【摘要】Based on the analysis of the current intrusion detection approaches,existing security detection systems have many problems such as wrong detection of intrusions, missed intrusions, poor real-time performance,bring up a new detection method, namely adaptive intrusion detection algorithm based on new conditional entropy. In considering the theories related to information theory, this algorithm firstly discrete the collected data use the knowledge of information entropy, then analyze the discrete data, remove the redundant attributes by reduction method related to conditional entropy knowledge, finally generate a new detection rules for the further analysis of intrusion data. The experimental result shows that is more efficient than algorithms based on BP neural networks and vector machines; thereby, this detection algorithm can effectively improve the intrusion detection system's detection rate, and reduce the error detection rate, and this detection algorithm can improve the detection ratio by about 7% and reduce the wrong detection ratio. The system provides detection service effective for information systems, as well.%在分析了现有的入侵检测方法的基础上,为了降低入侵检测系统的错检率、降低漏检率和提高实时性,提出了一种新的检测方法:基于新的条件熵的入侵检测算
法.本算法在考虑信息论有关理论的基础上,利用信息熵的知识对收集到的数据进行离散化.通过分析离散化后的数据,利用新的条件熵的知识约简方法去除冗余属性,生成检测规则,然后用来分析入侵数据.实验结果表明:基于新的条件熵的入侵检测算法与基于BP神经网络和支持向量机的入侵检测算法比较,可以有效地提高入侵检测系统的检测率,降低错检率.该算法的检测率提高7%左右,能为信息系统提供很好的入侵检测服务.
【总页数】4页(P237-240)
【作者】罗晓;于磊;罗谦
【作者单位】中国民用航空局第二研究所,四川成都610041;中国民用航空局第二研究所,四川成都610041;西南交通大学信息科学与技术学院,四川成都610031;中国民用航空局第二研究所,四川成都610041
【正文语种】中文
【中图分类】TF393.08
【相关文献】
1.基于熵的聚类入侵检测算法研究 [J], 叶正旺
2.基于信息熵rough set的多层凝聚入侵检测算法 [J], 肖文雅;王红云
3.基于距离加权模板约简和属性信息熵的增量SVM入侵检测算法 [J], 徐永华;李广水
4.基于条件熵和改进遗传算法的入侵检测算法研究 [J], 宋海波;陆正福;张翔
5.基于条件熵和改进遗传算法的入侵检测算法研究 [J], 宋海波;陆正福;张翔
因版权原因，仅展示原文概要，查看原文内容请购买。