计算机工程与科学2012,Vol.34Issue(2):13-18,6.DOI:10.3969/j.issn.1007-130X.2012.02.003
基于粗糙集的入侵检测方法研究
Research on an Intrusion Detection Method Based on Rough Sets
摘要
Abstract
In order to improve the performance of intrusion detection systems, the initial data are u-sually preprocessed by feature extraction so as to reduce the payload of the system and increase its detection speed. At first the rough set theory is used to give a formal description to the intrusion detection systems. Information entropy is applied to the discretization of continuous numerical attributes. Attribute features for intrusion detection are extracted by knowledge reduction. Information gain is used to control the reduction procedure of attribute features. The redundant features are eliminated effectively. The processing payload of the system is reduced and its detection effect is improved. The experiments justify that the proposed method makes the training time of the system to typical attacks for DoS and PROBING is reduced by 2. 8 and 3. 2 times. The detection speed of the system for two attacks is increased by 3. 2 and 4. 5 times.关键词
入侵检测/粗糙集/属性约简/信息熵Key words
intrusion detection/rough set/attribute reduction/information entropy分类
信息技术与安全科学引用本文复制引用
史志才,夏永祥..基于粗糙集的入侵检测方法研究[J].计算机工程与科学,2012,34(2):13-18,6.基金项目
上海市教委科研创新项目(09YZ370) (09YZ370)
上海工程技术大学科技发展基金项目(2011XY16) (2011XY16)
