Computer Engineering and Applications ›› 2008, Vol. 44 ›› Issue (29): 138-141.DOI: 10.3778/j.issn.1002-8331.2008.29.039

• 网络、通信、安全 • Previous Articles     Next Articles

Dimensionality reduction of characters used to intrusion detection system

FAN Yu-tao1,2,CAO Li1,YU Sheng-chen1   

  1. 1.Computer Science Department of North China Institute of Science & Technology,Beijing 101601,China
    2.College of Engineering,Graduate School of CAS,Beijing 100049,China
  • Received:2007-11-23 Revised:2008-02-27 Online:2008-10-11 Published:2008-10-11
  • Contact: FAN Yu-tao

网络入侵检测系统中的特征降维方法

范玉涛1,2,高 立1,余生晨1

  

  1. 1.华北科技学院 计算机系,北京 101601
    2.中国科学院 研究生院 工程教育学院,北京 100049
  • 通讯作者: 范玉涛

Abstract: In general,if more inter-independent characters are used in Intrusion Detection System(IDS),then more classification information will be provided,which is favor of improving whole performance of IDS.But on the other hand,fewer inter-independent characters are needed for IDS,because IDS is completed through mathematics method.To resolve the contradiction and to improve the real-time and whole performance of IDS,an approach,called dimensionality reduction of characters,is presented in the paper,in which the information of n characters are compressed to kk<n) characters through mathematics transformation,and these new compressed characters are used to recognize intruders.When they are used as the input of IDS,the whole performance of IDS can be improved.On the base of the new compressed characters,a back propagate neural network IDS is built.Tests show that the approach and IDS developed in the paper are useful and available.The conclusion is that through dimensionality reduction of characters presented,the information of n characters is not only kept,but also fewer inter-independent characters are used to IDS,which can lead to reducing the computing complexity of IDS and improving the whole performance of IDS.

Key words: intrusion detection system, dimensionality reduction of characters, back propagate neural network

摘要: 一般来说,入侵检测系统(IDS)识别入侵者时,所使用的相互独立的特征越多,则提供的分类信息也越多,也越有利于提高IDS的正确识别率,但另一方面,IDS是借用一些数学方法来完成的,它要求用于分类的特征越少越好。为了解决这个矛盾,提高IDS的实时性和整体性能,给出了一种特征降维算法,即,通过数学变换,把原来n个特征的信息尽量集中到较少的kk<n)个新特征中去,然后用这k个新特征识别入侵者。这些较少的新特征作为IDS的输入,可以提高IDS的整体性能。以此为基础建立了一个基于反向传播神经元网络的IDS。实验证明用该方法所建立的IDS效果较好。给出的特征降维算法既可以保留原来n个特征的信息,又能用较少的k个新特征识别入侵者,提高了IDS的总体性能,降低了计算复杂度。

关键词: 入侵检测系统, 特征降维, 反向传播神经元网络