基于广泛内核的CVM算法的入侵检测
Intrusion Detection System Using CVM Algorithm with Extensive Kernel Methods
-
摘要: 为了有效避免传统最小闭包球算法的内核限制问题以及子二次规划问题(quadratic problem, QP),提出了基于广泛内核的最小闭包球算法的入侵检测方法.首先算法对样本集求其中心约束的最小闭包球(center-constrained minimum enclosing ball, CCMEB)问题,通过球心和半径的更新求得新的最小闭包球(minimum enclosing ball, MEB),从而决定分类超平面的支持向量.然后从理论上分析该算法的收敛性、时间复杂度和空间复杂度.最后再根据支持向量的分布对网络的入侵行为进行分类.通过用KDD99数据的验证,证明了这种方法的有效性和可行性.Abstract: Intrusion detection system based on core vector machine with extensive kernel methods is presented to get rid of the restriction of kernels and the sub-quadratic problem. Firstly, the center-constrained minimum enclosing ball of a training data set is solved by the algorithm. The new MEB (minimum enclosing ball) is obtained by the simple update of the center and radius of the ball. Then the optimal separating hyperplane is constructed by the solutions of the core set. The convergence, time complexity and space complexity are proved theoretically. Finally, according to the distribution of the core set, the different intrusion actions can be detected. The related experiment indicates that the algorithm is feasible and effective.