[1]明仲,林朝哲,蔡树彬.并行PSVM算法及其在入侵检测中的应用[J].深圳大学学报理工版,2010,27(3):327-333.
 MING Zhong,LIN Chao-zhe,and CAI Shu-bin.Parallel proximal support vector machine and its application in intrusion detection[J].Journal of Shenzhen University Science and Engineering,2010,27(3):327-333.
点击复制

并行PSVM算法及其在入侵检测中的应用()
分享到:

《深圳大学学报理工版》[ISSN:1000-2618/CN:44-1401/N]

卷:
第27卷
期数:
2010年3期
页码:
327-333
栏目:
光电与信息工程
出版日期:
2010-07-30

文章信息/Info

Title:
Parallel proximal support vector machine and its application in intrusion detection
文章编号:
1000-2618(2010)03-0327-07
作者:
明仲林朝哲蔡树彬
深圳大学计算机与软件学院,深圳 518060
Author(s):
MING ZhongLIN Chao-zheand CAI Shu-bin
College of Computer Science and Software Engineering
Shenzhen University
Shenzhen 518060
P. R. China
关键词:
数据挖掘并行PSVM入侵检测增量学习ε-支持向量层叠式SVM
Keywords:
data miningparallel proximal support vector machineintrusion detectionincremental learningε-support vectorcascade SVM
分类号:
TP 301;TP 311.5
文献标志码:
A
摘要:
基于并行PSVM(proximal support vector machine)分类法,利用ε-支持向量与原数据集等价的特点,将PSVM和cascade SVM模型高效结合,加速训练入侵数据集.提出一种新的PSVM增量学习方法,它能快捷更新分类器.通过大量基于著名的KDD CUP 1999数据集实验,研究表明,该算法相对其他SVM方法,在保证较高检测率和较低误报率的同时,其训练时间降低80%,且能通过增量学习新数据集来有效更新分类器.
Abstract:
A novel training method based on parallel proximal support vector machine (PSVM) classification algorithm was proposed. The efficient PSVM and the cascade SVM architecture were used to reduce the time of training through the equivalence between the ε-support vectors and the original dataset. In addition, a new incremental learning method based on PSVM was used to make the update of the classifier easier. The experiments on the KDD CUP 1999 dataset demonstrate that the training time of our methods is 20% less than that of the other SVM methods under the condition of ensuring low false positive rate and high detection rate. it can update the classifier effectively by learning the characteristics of new dataset incrementally.

参考文献/References:


[1]Ryan J,Lin M J,Miiikkulainen R. 基于神经网络的入侵检测 [C]//高级神经信息处理系统会议论文集. 麻省 (美国):麻省理工学院出版社,1998:943-949 . (英文版)
[2]Balajinath B,Raghavan S V. 基于学习行为模式的入侵检测 [J].计算机通信,2001,24:(12):1202-1212. (英文版)
[3]饶鲜,董春曦,杨绍全. 基于支持向量机的入侵检测系统 [J].软件学报,2003,14(04):798-803.
[4]Jha S,Tan K,Maxion R A. 马尔科夫链,分类器与入侵检测[C]//第14届IEEE计算机安全组织学术会议论文集. 华盛顿:IEEE计算机学会出版社,2001:206-215. (英文版)
[5]Hu W M,Hu W,Maybank S. 基于AdaBoost算法的网络入侵检测[J].IEEE系统、人与控制论汇刊B辑:控制论,2008,38(2):577-583. (英文版)
[6]Vapnik V. 统计学习理论的本质 [M].纽约:Springer-Verlag出版社,1995. (英文版)
[7]ZHU Geng-ming,LIAO Jun-quo. 基于支持向量机的入侵检测研究 [C]// 第1届高级计算机理论与工程国际会议论文集. 普吉岛 (泰国):IEEE计算机学会出版社,2008:434-438. (英文版)
[8]周鸣争,楚宁,强俊. 基于构造性核覆盖算法的异常入侵检测 [J].电子学报,2007,35(05):862-867.
[9]WU Shan-hung,LIN Keng-pei,CHEN Chung-min,等. 非对称支持向量机:用户容忍的低误报率[C]//第14届知识发现与数据挖掘国际会议论文集. 拉斯维加斯(美国):ACM 出版社,2008:749-757. (英文版)
[10]Khan L, Awad M, Thuraisingham B. 基于支持向量机和层次聚类的新型入侵检测系统[J].超大型数据库杂志, 2007, 16: 507-521.
[11]Fung G,Mangasarian O L. 最接近支持向量机分类器 [C]//第7届知识发现与数据挖掘国际会议论文集. 旧金山(美国):ACM 出版社,2001:77-86. (英文版)
[12]Graf H P,Cosatto E,Bottou L,等. 并行支持向量机:cascade SVM [C]//高级神经信息处理系统会议论文集. 麻省(美国):麻省理工学院出版社,2005:521-528. (英文版)
[13]Liu Q,He Q,Shi Z Z. 增量非线性最接近支持向量机 [C]//第4届国际神经网络研讨会论文集. 南京 (中国):Springer-Verlag出版社, 2007:336-341. (英文版)
[14]Fung G,Mangasarian O L. 增量支持向量机分类 [C]//第2届SIAM数据挖掘国际会议论文集. 阿灵顿 (美国):IEEE计算机学会出版社,2002:135-145. (英文版)
[15]Canu S,Grandvalet Y,Guigue V,等. 支持向量机核方法Matlab工具箱 [CP/OL].鲁昂 (法国):鲁昂国立应用科学学院,2005 [2009-09-23].http://asi.insa-rouen.fr/enseignants/~arakotom/toolbox/index.html.
[16]Stolfo S. KDD CUP 1999 dataset [DB/OL].UCI知识发现数据库,1999 [2009-09-23].http://kdd.ics.uci.edu/databases/kddcu p99/ kddcup99.html.


[1]Ryan J,Lin M J,Miiikkulainen R. Intrusion detection with neural networks [C]//Advances in Neural Information Processing Systems. Massachusetts (USA):MIT Press,1998:943-949.
[2]Balajinath B,Raghavan S V. Intrusion detection through learning behavior model [J].Computer Communication. 2001,24:(12):1202-1212.
[3]RAO Xian,DONG Chun-xi,YANG Shao-quan. An intrusion detection system based support vector machine [J].Journal of Software,2003,14(04):798-803. (in Chinese)
[4]Jha S,Tan K,Maxion R A. Markov chains,classifiers and intrusion detection [C]//The 14th IEEE Computer Security Foundation Workshop. Washington D C:IEEE Computer Society Press,2001:206-215.
[5]HU Wei-ming,HU Min,Maybank S. Adaboost-based algorithm for network intrusion detection [J].IEEE Transactions on Systems,Man and Cybernetic,Parb B:Cybernetics,2008,38:(2):577-583.
[6]Vapnik V. The nature of statistical learning theory [M].NY:Springer-Verlag,1995.
[7]ZHU Geng-ming,LIAO Jun-quo. Research of intrusion detection based on support vector machine [C]//The 1st International Conference on Advanced Computer Theory and Engineering. Phuket (Thailand):IEEE Computer Society Press,2008:434-438.
[8]ZHOU Ming-zheng,CHU Ning,QIANG Jun. An anomaly intrusion detection based on constructive kernel covering algorithm[J].Acta Electronic Sinica,2007,35(5):862-867. (in Chinese)
[9]WU Shan-hung,LIN Keng-pei,CHEN Chung-min,et al. Asymmetric support vector machines:low false-positive learning under the user tolerance [C]//Proceeding of the 14th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. Las Vegas (USA):ACM Press,2008:749-757.
[10]Khan L, Awad M, Thuraisingham B. A new intrusion detection system using support vector machines and hierarchical clustering[J].The VLDB Journal, 2007, 16: 507-521.
[11]Fung G,Mangasarian O L. Proximal support vector machine classifiers [C]//Proceedings of the 7th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. San Francisco (USA):ACM Press,2001:77-86.
[12]Graf H P,Cosatto E,Bottou L,et al. Parallel support vector machines:The cascade SVM [C]//Advances in Neural Information Processing Systems. Massachusetts (USA):MIT Press,2005:521-528.
[13]Liu Q,He Q,Shi Z Z. Incremental nonlinear proximal support vector machine [C]//The 4th International Symposium on Neural Networks. Nanjing (China):Springer-Verlag Press,2007:336-341.
[14]Fung G,Mangasarian O L. Incremental support vector machine classification [C]//Proceedings of the 2nd SIAM International Conference on Data Mining. Arlington (USA):IEEE Computer Science Press,2002:135-145.
[15]Canu S,Grandvalet Y,Guigue V,et al. SVM and kernel methods Matlab toolbox [CP/OL].Rouen (France):INSA de Rouen,2005 [2009-09-23].http://asi.insa-rouen.fr/enseignants/~arakotom/toolbox/index.html.
[16]Stolfo S. KDD CUP 1999 dataset [DB/OL].UCI KDD repository,1999 [2009-09-23].http://kdd.ics.uci.edu/databas es/kddcup99 /kddcup99.html.

相似文献/References:

[1]陆楠,杜文峰,梁正平.基于FP-tree目录分割自适应算法[J].深圳大学学报理工版,2011,28(No.4(283-376)):341.
 LU Nan,DU Wen-feng,and LIANG Zheng-ping.A self-adaptive algorithm for the problem of catalog segmentation based on FP-tree[J].Journal of Shenzhen University Science and Engineering,2011,28(3):341.
[2]刘大有,董婥,王生生.基于矩形代数和公共模式方法的相似图像检索[J].深圳大学学报理工版,2012,29(No.2(095-188)):100.[doi:10.3724/SP.J.1249.2012.02100]
 LIU Da-you,DONG Chuo,and WANG Sheng-sheng.An improved similarity retrieval of images based on CPM and rectangle algebra[J].Journal of Shenzhen University Science and Engineering,2012,29(3):100.[doi:10.3724/SP.J.1249.2012.02100]
[3]王娜,李霞,徐红英.社会网络分析之社区发现研究[J].深圳大学学报理工版,2014,31(1):35.[doi:10.3724/SP.J.1249.2014.01035]
 Wang Na,Li Xia,and Xu Hongying.Research on community detection in social network[J].Journal of Shenzhen University Science and Engineering,2014,31(3):35.[doi:10.3724/SP.J.1249.2014.01035]
[4]陆楠,陆春一,周春光.快速发现关联规则挖掘算法的并行化方法[J].深圳大学学报理工版,2005,22(4):334.
 LU Nan,LU Chun-yi,ZHOU Chun-Guang.The parallel method on fast finding mining algorithms of association rules[J].Journal of Shenzhen University Science and Engineering,2005,22(3):334.
[5]陆楠,周春光.WEB数据挖掘中异构数据集成问题的研究[J].深圳大学学报理工版,2002,19(3):31.
 LU Nan,ZHOU Chun-guang.Researches of Different Data Integration on WEB Data Mining[J].Journal of Shenzhen University Science and Engineering,2002,19(3):31.
[6]陆 楠,周春光.互连性层次聚类法在交易数据聚类分析中的应用[J].深圳大学学报理工版,2003,20(1):63.
 LU Nan and ZHOU Chun-guang.The Application of Clustering Analysis to Transactional Data-set with Interconnecting Cluster Method[J].Journal of Shenzhen University Science and Engineering,2003,20(3):63.
[7]杨峻山,纪震,谢维信,等.基于粒子群优化的生物组学数据分类模型选择[J].深圳大学学报理工版,2016,33(3):264.[doi:10.3724/SP.J.1249.2016.03264]
 Yang Junshan,Ji Zhen,Xie Weixin,et al.Model selection based on particle swarm optimization for omics data classification[J].Journal of Shenzhen University Science and Engineering,2016,33(3):264.[doi:10.3724/SP.J.1249.2016.03264]
[8]陈星宇,周展,黄俊文,等.基于关键词挖掘的客户细分方法[J].深圳大学学报理工版,2017,34(3):300.[doi:10.3724/SP.J.1249.2017.03300]
 Chen Xingyu,Zhou Zhan,Huang Junwen,et al.A keyword-based mining method for customer segmentation[J].Journal of Shenzhen University Science and Engineering,2017,34(3):300.[doi:10.3724/SP.J.1249.2017.03300]
[9]谷建伟,隋顾磊,李志涛,等.基于ARIMA-Kalman滤波器数据挖掘模型的油井产量预测[J].深圳大学学报理工版,2018,35(6):575.[doi:10.3724/SP.J.1249.2018.06575]
 GU Jianwei,SUI Gulei,LI Zhitao,et al.Oil well production forecasting method based on ARIMA-Kalman filter data mining model[J].Journal of Shenzhen University Science and Engineering,2018,35(3):575.[doi:10.3724/SP.J.1249.2018.06575]
[10]何玉林,等.大规模数据集聚类算法的研究进展[J].深圳大学学报理工版,2019,36(1):4.[doi:10.3724/SP.J.1249.2019.01004]
 HE Yulin,and HUANG Zhexue,A review on clustering algorithms for large-scale data sets[J].Journal of Shenzhen University Science and Engineering,2019,36(3):4.[doi:10.3724/SP.J.1249.2019.01004]

备注/Memo

备注/Memo:
收稿日期:2009-10-13;修回日期:2010-06-04
基金项目:国家高技术研究发展计划资助项目 (2009AA02Z309); 深圳市科技计划资助项目 (JC200903120046A)
作者简介:明仲(1967- ),男(汉族),江西省宁都县人,深圳大学教授、博士. E-mail:mingz@szu.edu.cn
更新日期/Last Update: 2010-07-30