A Hybrid Classification Algorithm for Intrusion Detection Systems
Abstract
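An intrusion detection system can be regarded as the subsystem of a network management system that inspects for and alerts on abnormal network behavior. As the Internet has developed and network architectures have grown more complex, many different attack methods have emerged. Traditional intrusion detection systems cannot detect these attacks effectively, so this study proposes a hybrid classification algorithm for intrusion detection systems that raises the accuracy with which the system identifies anomalous attack behavior and reduces the computation time of the classification algorithm. The method combines the k-means clustering algorithm, the support vector machine classification algorithm, and the search economics metaheuristic algorithm. The experimental results show that this hybrid strategy lets an intrusion detection system deliver higher accuracy on more complex network attack classification problems.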
An intrusion detection system (IDS), which can be regarded as a subsystem of a network management system, plays the role of detecting and preventing abnormal network behaviors. With the advance of the Internet and the increasing complexity of network architectures, many attack methods have been developed. However, most traditional intrusion detection systems are incapable of recognizing these attacks. Therefore, this study presents a hybrid classification algorithm for an intrusion detection system to improve its accuracy rate and reduce its computation time. The proposed algorithm integrates k-means (a clustering algorithm), support vector machine (a classification algorithm), and search economics (a metaheuristic algorithm). The experimental results show that the proposed hybrid algorithm provides a better accuracy rate in solving complex network attack classification problems.
Ze-Hong Chen, Yi-Lin Chen, Wei-Yan Chang, Chun-Wei Tsai, "一個混合式的分類演算法應用於入侵偵測系統," Communications of the CCISA, vol. 25, no. 1, pp. 14-27, Feb. 2019.
Published by Chinese Cryptology and Information Security Association (CCISA), Taiwan, R.O.C
CCCISA Editorial Office, No.1, Sec. 1, Shennong Rd., Yilan City, Yilan County 260, Taiwan (R.O.C.)
E-mail: ccisa.editor@gmail.com