【作者】 李伯虎；

【导师】 宗平；

【作者基本信息】 南京邮电大学 ， 软件工程， 2012， 硕士

【摘要】 随着网络技术的发展和应用范围的扩大,人们越来越依赖于网络进行信息处理,信息系统已成为国家持续发展的基础设施,网络安全也就成为国家与国防安全的重要组成部分。入侵检测是继防火墙、VPN、加密等传统安全防护技术之后的新一代信息安全积极主动的防御技术,它提供了对内部攻击、外部攻击和误操作的实时保护,在网络系统受到危害之前拦截和响应入侵,有效地弥补了传统静态防御技术的不足,已成为信息技术的一个重要研究方向。因为入侵检测需要处理大量数据,以从中发现入侵行为,利用数据挖掘技术能够从大量数据中发现特征和模式,从而有效地锁定相关入侵行为。本文的主要研究工作有:提出了一种适合于入侵检测数据的分步特征选择算法,首先利用ReliefF算法删除不相关特征,然后利用KNN算法删除冗余特征,解决了传统ReliefF方法无法取出冗余特征的问题;结合传统的类中心距离隶属度函数和KNN算法思想,给出了一种加权隶属度函数,解决了传统的基于类中心距离隶属度确定方法中无法有效区分支持向量与噪声孤立点的问题;结合支持向量机和模糊支持向量机的优点,在支持向量机中引入了模糊因子,并说明了基于模糊支持向量机的入侵检测算法。更多还原

【Abstract】 With the development of network technology and the expansion of the scope of application,people rely more and more on network information processing. Information systems have becomean infrastructure of a country and network security, which has become an important component ofthe national security. Following the firewall, VPN, encryption and other traditional securityprotection technology, Intrusion Detect System (IDS) becomes an important security inspectionapproach. It supports the protection of computer system against the external and internal intrusionand real-time protection. Intercept and response to the invasion before being harm to the networkcan make up for the deficiency of the traditional static defense technology, the intrusion detectiontechnology has become an important research direction of the information technology. Theintrusion detection need to deal with large amounts of data in order to find the invasion behavior,using data mining technology to found in features and pattern from a large number of data, so asto effectively lock related invasion of behavior.This thesis proposes a new feature selection algorithm for intrusion detection data. Firstly,we remove irrelevant features using ReliefF algorithm, then remove the redundant features usingKNN algorithm, so we solve the problem of the traditional ReliefF that cannot remove redundantfeatures. Then a new weighted membership function is given based on class center distance andthe KNN algorithm to distinguish support vector and the noises more effectively. Finally,considering the advantages of support vector machines and fuzzy support vector machine, webring in fuzzy factors in the support vector machine, and illustrate the intrusion detectionalgorithm that based on the fuzzy support vector machine.更多还原