Computer Engineering and Applications ›› 2010, Vol. 46 ›› Issue (22): 117-120.DOI: 10.3778/j.issn.1002-8331.2010.22.035

• 网络、通信、安全 • Previous Articles     Next Articles

Novel unsupervised anomaly detection based on incremental and robust principal component classifier

LI Jie-ying1,SUN Ying2   

  1. 1.College of Information,Henan University of Finance and Economics,Zhengzhou 450002,China
    2.Zhengzhou Railway Voctional & Technical College,Zhengzhou 450002,China
  • Received:2008-04-14 Revised:2009-08-13 Online:2010-08-01 Published:2010-08-01
  • Contact: LI Jie-ying


李洁颖1,孙 英2   

  1. 1.河南财经学院 信息学院,郑州 450002
    2.郑州铁路职业技术学院,郑州 450002
  • 通讯作者: 李洁颖

Abstract: Traditional intrusion detection methods are based on static data,and it cannot handle incremental data.However,new intrusion behaviors emerge endless.IDSs are required to learn the new types of intrusion.A novel scheme based on incremental principle component classifier is proposed.The experiments show that this approach can detect unknown intrusions more effectively,has a better performance in detection rate and false positive rate and the efficiency is improved at a certain extent even when the train data is incremental.

摘要: 传统的入侵检测算法对数据集的研究都是针对静态训练数据的,对于动态数据却显得无能为力。但在实际应用中,入侵行为层出不穷,入侵检测系统应能对新的入侵行为进行增量学习。为了解决该问题,在前期工作的基础上,提出一种基于增量式分类器的无监督异常检测方法;实验表明:该方法在训练数据为动态情况下,能够有效检测未知入侵,在检测率、误警率方面都达到较满意的结果,并在效率上有较大提高。

CLC Number: