Computer Engineering and Applications ›› 2014, Vol. 50 ›› Issue (3): 75-78.

• Network, Communication and Security •

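Network intrusion detection using an improved ant colony algorithm and support vector machine

XIAO Guorong

  1. Department of Computer Science and Technology, Guangdong University of Finance, Guangzhou 510521
  • Publication date: 2014-02-01  Release date: 2014-01-26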

Network intrusion detection by combination of improved ACO and SVM

XIAO Guorong   

  1. Department of Computer Science and Technology, Guangdong University of Finance, Guangzhou 510521, China
  • Online: 2014-02-01  Published: 2014-01-26

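Abstract: To improve the accuracy of network intrusion detection, a network intrusion detection method (ACO-SVM) is proposed that combines an improved ant colony optimization algorithm (ACO) with a support vector machine (SVM). The SVM model parameters are taken as the position vectors of the ants. Target individuals, determined by dynamic random extraction, guide the colony in a global search, while a small-step local search is carried out in the neighborhood of the best ant to find the optimal SVM parameters. The network intrusion detection model is then built with the optimal parameters. The performance of ACO-SVM was tested on the KDDCUP99 data set. The results show that ACO-SVM improves the accuracy of network intrusion detection and reduces the false alarm rate, and can provide an effective guarantee for network security.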

Key words: network intrusion, support vector machine, ant colony algorithm, detection

Abstract: To improve network intrusion detection accuracy, this paper proposes a network detection method (ACO-SVM) based on an improved Ant Colony Optimization (ACO) algorithm and a Support Vector Machine (SVM). The parameters of the SVM model are treated as the position vectors of the ants. Target individuals, which lead the ant colony in a rapid global search, are determined by dynamic and stochastic extraction, while the optimal ant of each generation performs a small-step search in its neighborhood. The optimal parameter values are obtained by ACO and used to build the network intrusion detection model. The performance of ACO-SVM is tested on the KDD CUP99 data. The results show that the proposed method improves network anomaly detection accuracy and reduces the false alarm rate.

Key words: network intrusion, Support Vector Machine (SVM), Ant Colony Optimization (ACO) algorithm, detection