Ant colony clustering intrusion detection method based on transduction support vector machine

A support vector machine and intrusion detection technology, applied in the direction of instruments, calculation models, electrical components, etc., can solve the problems of difficult detection of attacks and difficulties in obtaining training data, and achieve low false negative rate, good detection effect, and high detection accuracy rate effect

Inactive Publication Date: 2019-04-16
潘晓君
View PDF3 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] A drawback of guided anomaly detection is that it requires a set of completely normal data to train the model. If the training data contains attack data, these

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Ant colony clustering intrusion detection method based on transduction support vector machine
  • Ant colony clustering intrusion detection method based on transduction support vector machine
  • Ant colony clustering intrusion detection method based on transduction support vector machine

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0046] The KDD CPU 99 data set is used as the detection object for simulation experiments. KDD CPU 99 includes DOS, U2R, U2L, PROBE and other attack methods, and also contains a large amount of normal data. Among them, the training set contains 5 million records, and the test machine contains 2 million records. Some data are selected for simulation experiments. Among them, the DOS training data 3000 records, 600 tests; 5000 PROBE training records, 1200 test records; 300 U2R training records, 100 test records; 600 R2L training records, 150 test records; 30000 normal data records, 8000 test records. Use PC computer, MATLAB to simulate,

[0047] Using a transduction support vector machine-based ant colony clustering intrusion detection method to process the data, including the following steps:

[0048] Step 1, preprocessing the network data and extracting the attributes of the network data;

[0049] Step 2, initialize GA related parameters, including crossover probability, muta...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to the field of computer security, in particular to an ant colony clustering intrusion detection method based on a transduction support vector machine. The method specifically includes the following steps: performing data extraction and preprocessing, extracting data attributes, initializing GA parameters and populations, selecting the populations, and evaluating the individual fitness in the populations; and initializing IACO, assigning the location, taboo list and pheromone concentration of ants, setting IACO termination conditions and the like. The invention also provides a specific algorithm for the probability that ants determine the next target and pheromone updating. Through an IACO-GA joint model, the method achieves higher accuracy, lower error reporting rates and lower missing report rates compared to a non-joint algorithm.

Description

technical field [0001] The invention belongs to the field of computer network security, in particular to an ant colony clustering intrusion detection method based on a transduction support vector machine. Background technique [0002] In recent years, the openness and virtuality of the network have brought great convenience to network intrusion. In response to the increasingly serious network intrusion activities, the intrusion detection system (IDS), as a proactive security protection technology, has developed rapidly. [0003] Anomaly-based intrusion detection techniques can be divided into anomaly detection that requires guidance and anomaly detection that does not require guidance. Anomaly detection that requires guidance establishes a normal data model through observed normal data, and then detects abnormal data that deviates from the normal model. This approach is able to detect new attack types because these new attack data also deviate from the normal data model. ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06G06N3/00
CPCG06N3/006H04L63/1416
Inventor 潘晓君
Owner 潘晓君
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap