| 基于单分类支持向量机和主动学习的网络异常检测研究 |
| |
| 引用本文: | 刘 敬,谷利泽,钮心忻,杨义先.基于单分类支持向量机和主动学习的网络异常检测研究[J].通信学报,2015,36(11):136-146. |
| |
| 作者姓名: | 刘 敬 谷利泽 钮心忻 杨义先 |
| |
| 作者单位: | 1. 北京邮电大学 信息安全中心,北京 100876;2. 解放军61741部队,北京 100094 |
| |
| 基金项目: | 国家自然科学基金资助项目 (61202082,61370194 ) |
| |
| 摘 要: | 对基于支持向量机和主动学习的异常检测方法进行了研究,首先利用原始数据采用无监督方式建立单分类支持向量机模型,然后结合主动学习找出对提高异常检测性能最有价值的样本进行人工标记,利用标记数据和无标记数据以半监督方式对基于单分类支持向量机的异常检测模型进行扩展。实验结果表明,所提方法能够利用少量标记数据获取性能提升,并能够通过主动学习减小人工标记代价,更适用于实际网络环境。
|
| 关 键 词: | 网络安全 异常检测 单分类支持向量机 主动学习 |
Research on network anomaly detection
based on one-class SVM and active learning |
| |
| Abstract: | A network anomaly detection method based on one-class SVM and active learning was presented. Firstly, the original instances were used to trained an one-class SVM model in unsupervised manner. Then the instances which can improve the performance mostly were found by active learning strategy. Finally, the classify model was retrained in semi-supervised manner with both labeled and unlabeled data. The experiment results demonstrate that the presented method can improve performance with a small amount of labeled data and reduce the cost of labeling through active learning. It is more feasible to be used in real network environment. |
| |
| Keywords: | network security anomaly detection one-class SVM active learning |
|
| 点击此处可从《通信学报》浏览原始摘要信息 |
|
点击此处可从《通信学报》下载全文 |
