计算机工程与应用 ›› 2012, Vol. 48 ›› Issue (29): 78-81.

• 网络、通信、安全 • 上一篇    下一篇

增量式SVM的数据流异常检测模型

孙  娜1,郭延锋1,姚  远2   

  1. 1.辽宁工业大学 电子与信息工程学院,辽宁 锦州 121001
    2.大连理工大学 计算机科学与技术学院,辽宁 大连 116023
  • 出版日期:2012-10-11 发布日期:2012-10-22

Network data stream abnormal detection model based on SVM incremental learning method

SUN Na1, GUO Yanfeng1, YAO Yuan2   

  1. 1.School of Electronics and Information Engineering, Liaoning University of  Technology, Jinzhou, Liaoning 121001, China
    2.School of Computer Science and Technology, Dalian University of  Technology, Dalian, Liaoning 116023, China
  • Online:2012-10-11 Published:2012-10-22

摘要: 针对网络数据流异常检测,既要保证分类准确率,又要提高检测速度的问题,在原有数据流挖掘技术的基础上提出一种改进的增量式学习算法。算法中建立多模型轮转结构,在每次训练中从几何角度出发求出当前训练样本集的支持向量,选择出分布于超平面间隔中的支持向量进行增量SVM训练。使用UCI标准数据库中的数据进行实验,并且与另外两种经典分类模型进行比较,结果表明了方法的有效性。

关键词: 增量式学习, 支持向量机, 数据流, 异常检测, 多模型

Abstract: The process of network attack detection not only needs to keep the accuracy of classification, but also reduces time consuming. On the basis of the traditional data stream mining methods, an improved incremental learning model is proposed. The proposed model builds a cycle structure with multi-models, and finds the support vectors in geometry direction. The model uses central distance ratio methods to obtain the best support vectors and then retrain Support Vector Machine(SVM) model. In experiment, the UCI dataset is employed and the model is compared with two other classification model. The experimental result proves the model has better classification performance.

Key words: incremental learning, Support Vector Machine(SVM), data stream, abnormal detection, multi-model