【作者】 高志平；

【导师】 李雷；

【作者基本信息】 南京邮电大学 ， 模式识别与智能系统， 2011， 硕士

【摘要】 支持向量机是建立在统计学习理论之上的机器学习方法,它将最大间隔与核函数理论结合在一起,有效的解决了长期困扰机器学习领域的小样本、高维数、非线性、过学习和局部最优解等难题。随着网络技术的发展和应用范围的扩大,人们越来越依赖于网络进行信息处理,信息系统已成为一个单位、一个行业、乃至一个国家持续发展的基础设施,网络安全也就成为国家与国防安全的重要组成部分。入侵检测技术是一种重要的动态安全防护技术,有效的弥补了传统静态防御技术的不足,已成为信息技术的一个重要研究方向。入侵检测本质上是一种模式识别问题,将支持向量机应用于入侵检测,可以提高检测性能。本文在研究入侵检测系统和支持向量机的基础上,做了以下工作和创新:1、提出了适合于入侵检测数据的分步特征选择算法,首先利用ReliefF算法删除不相关特征,然后利用KNN算法删除冗余特征,解决了传统ReliefF方法无法取出冗余特征的问题。2、提出了一种倒转二叉树的构造方法,一定程度上抑制了传统构造方法中的“误差积累”问题;提出了一种基于特征空间类间分离的分离判据,能够更好反映可分离性,具有更好的几何意义。3、结合基于二叉树的支持向量机和模糊支持向量机的优点,在二叉树的多类支持向量机中引入了模糊因子,提出了一种基于二叉树的模糊多类支持向量机入侵检测算法;同时结合传统的类中心距离隶属度函数和KNN算法思想,提出一种混合隶属度函数,解决了传统的基于类中心距离隶属度确定方法中无法有效区分支持向量与噪声孤立点的问题。更多还原

【Abstract】 SVM is a machine learning method based on statistical learning theory, which combines the maximum interval and the kernel function theory together and effectively solves the problems of small sample size, high dimension, nonlinear, over learning, local optimal solution and so on.With the development of network technology and the expansion of the scope of application, network is becoming the main method of information processing. Information systems have become a infrastructure of a country and network security has become an important component of the national security. Intrusion detection technology is an important dynamic security protection technology, and has become an important research direction of the information technology. Intrusion detection is essentially a pattern recognition problem, the applications of support vector machine in intrusion detection can improve the detection performance.Based on the study on intrusion detection system and support vector machines, we do the following work and innovation:1. A new feature selection algorithm to intrusion detection data is proposed.It’s that using ReliefF algorithm to remove irrelevant features, and then remove the redundant features using KNN algorithm;2. A new binary tree structure is proposed to solve the "error accumulation" problem; A new criterion of class separation based on Kernel function is proposed.It has the better effective to reflect the separability and has a better geometric significance;3. Considering the advantages of support vector machines based on binary tree and fuzzy support vector machine, a fuzzy factor is introduced to multi-class support vector machine based on binary tree; a new fuzzy membership function is proposed based on class center distance and the KNN algorithm to distinguish support vector and the noises more effectively.更多还原