计算机工程与应用 ›› 2016, Vol. 52 ›› Issue (7): 122-126.

• 网络、通信与安全 • 上一篇    下一篇

基于粒子群的加权朴素贝叶斯入侵检测模型

任晓奎,缴文斌,周  丹   

  1. 辽宁工程技术大学 电子与信息工程学院,辽宁 葫芦岛 125105
  • 出版日期:2016-04-01 发布日期:2016-04-19

Intrusion detection model of Weighted Navie Bayes based on Particle Swarm Optimization algorithm

REN Xiaokui, JIAO Wenbin, ZHOU Dan   

  1. School of Electronic and Information Engineering, Liaoning Technical University, Huludao, Liaoning 125105, China
  • Online:2016-04-01 Published:2016-04-19

摘要: 针对传统朴素贝叶斯算法对高维复杂的入侵行为检测效率低下的状况,提出一种基于粒子群的加权朴素贝叶斯入侵检测模型。模型首先用粗糙集理论对样本属性特征集进行约简,再利用改进的粒子群算法优化加权朴素贝叶斯算法的属性权值,获得属性权值的最优解,用获得的最优解构造贝叶斯分类器完成检测。其中,改进的粒子群是采用权衡因子方法更新其速度和位置公式,避免产生局部最优。两种算法的结合,既能解决传统朴素贝叶斯算法的特征项冗余问题,同时也可以优化特征项间的强独立性问题。通过实验证实了该模型的实效性,提高了检测率。

关键词: 入侵检测, 粗糙集理论, 加权朴素贝叶斯, 粒子群优化算法

Abstract: Traditional Navie Bayes algorithm exists the issues of low inefficiency for the high dimensional and complex intrusion detection. In order to solve this problem, a detection model based on Weighted Naive Bayes which has been optimized by Particle Swarm Optimization algorithm is proposed. Firstly, the model reduces the dimension of the data samples using rough set theory. Secondly, the improved Particle Swarm Optimization algorithm searches the best attribute weights of Weighted Naive Bayes. Finally, Navie Bayes classifier is structured with the best attribute weights to complete detection. Among them, the improved Particle Swarm Optimization algorithm is using the weighting factor to update its position and velocity formula so as to avoid local optimal. The combination of the two algorithms can not only solve the feature redundancy problem of the traditional Navie Bayes algorithm, but also can optimize the strong independence between features. Through the experiments, the model is effective, and the detection rate is improved.

Key words: intrusion detection, rough sets theory, Weighted Naive Bayes, Particle Swarm Optimization algorithm