四川大学学报(自然科学版)2012,Vol.49Issue(2):329-334,6.DOI:10.3969/j.issn.0490-6756.2012.02.014
一种基于多分类器协同训练的网络异常检测方法
A network anomaly detection method based on the co-training of multi classifiers
摘要
Abstract
The network anomaly detection method based on machine learning is an important field in the study of intrusion detection. Many labeled samples are needed to train classifiers in the traditional machine learning algorithms, however, usually labeled samples are hard to collect, resulting difficult in the training of classifiers; furthermore, the classification bias and detection holes, facing by single classifier, can hardly be overcome. To solve these problems, in the paper, an anomaly detection method based on the co-training of multi classifiers MCAD is proposed. In MCAD little number of labeled samples together with many unlabeled samples are employed to co-train multi classifiers to reduce the classification bias and detection holes. The classical network anomaly detection data set KDD CUP99 is utilized in the comparison experiments to test MCAD, and the results demonstrate that the training cost of MCAD is much reduced, while the network anomaly detection performance is improved.关键词
网络安全/入侵检测/异常检测/协同训练Key words
Network security, intrusion detection, anomaly detection, co-training分类
信息技术与安全科学引用本文复制引用
杨弢,陈文..一种基于多分类器协同训练的网络异常检测方法[J].四川大学学报(自然科学版),2012,49(2):329-334,6.基金项目
国家自然科学基金(61173159) (61173159)
四川大学青年教师科研启动基金(2011SCU11086) (2011SCU11086)
