节点文献
危险因素辨识及其演化方法研究
Study on Identification and Evolvement Methods of Dangerous Factors
【作者】 郑辉;
【导师】 黄光球;
【作者基本信息】 西安建筑科技大学 , 系统工程, 2009, 硕士
【摘要】 随着计算机网络的飞速发展和人类对网络的依赖程度的增加,病毒和网络攻击等网络危险因素也日益泛滥,网络安全问题逐渐受到人类的重视,成为当前网络发展的重要课题。支持向量机理论是由Vapnik等人于1995年提出的,它是基于统计学习理论的机器学习算法,通过结构风险最小化原则来最小化实际风险,在处理高维小样本数据时,具有泛化能力强等突出优点,在模式识别特别是入侵检测等领域都得到了广泛的应用。本文首先分析了基于支持向量机的检测模型的基本情况,针对此模型的时间复杂度过高的缺点,引入常用的特征抽取技术核主成分分析技术,提出基于KPCA的SVM检测模型,通过KPCA对原始空间中的数据进行特征提取,选取部分主要成分,除去特征中的冗余信息,降低了特征维数,在检测效率的少量下降的代价下,明显提高了时间效率。鉴于核函数对支持向量机的重要性以及当前核函数的发展,在支持向量机中采用组合核函数的思想,将多项式核函数和径向基核函数组合形成组合核函数,提出了基于KPCA的组合核函数SVM检测模型,以期待能够获取更好的检测性能,并使用KDDCUP99数据集进行试验验证,表明该模型与基于KPCA的SVM检测模型相比,检测效率稍好,但时间效率有些许下降,总体来说两者性能基本相当,但本模型明显具有更好的泛化能力和稳定性。
【Abstract】 With the rapid development of computer network and the increases of human dependence on the network,dangerous factors in network such as viruses and network attacks,are becoming inundating,network security issue earn recognition of human gradually,and become an important subject of network development.The support vector machine theory was brought by Vapnik and others in 1995,and it is based on statistical learning theory of machine learning algorithms,through the structural risk minimization principle to minimize the actual risk,when dealing with small samples of high-dimensional data,it has a strong advantage of generalization ability,in pattern recognition,especially in areas such as intrusion detection it has been widely used.In this paper,it shows the basic conditions of detection model based on support vector machine,for the time complexity is too high of this model,the commonly used feature extraction technique of kernels principal component analysis is brought in,and build a KPCA and SVM based detection model,KPCA is used for feature extraction of the data in original spatial,select some of the major components, delete the redundant information to reduce the dimension of the features,with a small amount decline of detection efficiency,the time efficiency markedly improved.As the importance of kernel function for support vector machine,and the development of kernel function,uses combined kernel function in support vector machine,combines polynomial kernel function and radial basis kernel function and forms combined kernel function,brings a KPCA and combined kernel function SVM based detection model to look forward to obtain a better detection performance,and use KDDCUP99 data sets to test,indicating that the model has a better detection efficiency, but the time efficiency decreases slightly,in the mass,the two model is almost equal, but this model has a better generalization ability and stability.
【Key words】 support vector machine; feature extraction; kernels principal component analysis; combined kernel function;