Journal of Systems Engineering and Electronics ›› 2012, Vol. 34 ›› Issue (5): 1036-1040.doi: 10.3969/j.issn.1001-506X.2012.05.32

• 通信与网络 • 上一篇    下一篇

基于修正核函数SVM的网络入侵检测

井小沛, 汪厚祥, 聂凯   

  1. 海军工程大学电子工程学院, 湖北 武汉 430033
  • 出版日期:2012-05-23 发布日期:2010-01-03

Network intrusion detection based on modified kernel function SVM

JING Xiao-pei, WANG Hou-xiang, NIE Kai   

  1. Electronic Engineering Institute, Naval University of Engineering, Wuhan 430033, China
  • Online:2012-05-23 Published:2010-01-03

摘要:

支持向量机分类方法在小样本、非线性情况下具有较好的泛化性能,在入侵检测系统中有着广泛的应用。针对入侵检测过程中可能出现的由两类样本不平衡造成的分离超平面偏移现象,以核函数所蕴含的黎曼几何为依据,引入一个伪一致性变换函数,对核函数进行修改,提高支持向量机的分类泛化能力,建立基于支持向量机的网络入侵检测系统,并对系统总体结构和运行机制进行了详细的描述。实验仿真表明,该系统可有效地提高入侵检测的准确率,改善由于数据集不平衡造成的支持向量机分类偏移的情况。

Abstract:

As the support vector machine (SVM) classification approach has a good generalization performance in the cases of small  number and non-linear samples, it is widely used in network intrusion detection fields. In order to resolve the offset  phenomenon of separating a hyperplane caused by imbalanced data, Riemannian geometry inherent in a nuclear function is  regarded as an important basis and a pseudoconsistency transformation function is also introduced, both of which are  used to modify the kernel function and improve the generalization ability of SVM classification. On this basis, an  intrusion detection system based on modified kernel function SVM is established, and a detailed description of the  overall structure of the system and operating mechanism is made. Finally, simulation experiment shows that this system  can achieve a more accurate detection rate and improve the SVM’s classification offset phenomenon caused by imbalanced  data sets.