| 基于混沌粒子群的IDS告警聚类算法 |
| |
| 引用本文: | 胥小波,蒋琴琴,郑康锋,武 斌,杨义先.基于混沌粒子群的IDS告警聚类算法[J].通信学报,2013,34(3):105-110. |
| |
| 作者姓名: | 胥小波 蒋琴琴 郑康锋 武 斌 杨义先 |
| |
| 基金项目: | The Fundamental Research Funds for the Central Universities;The Research Foundation of CPLA General Equipment Department;The Key Project of Chinese Ministry of Education |
| |
| 摘 要: | 为了提高入侵检测系统(IDS)的告警质量,减少冗余报警,提出了一种基于混沌粒子群优化的IDS告警聚类算法。算法将混沌融入到粒子运动过程中,使粒子群在混沌与稳定之间交替运动,逐步向最优点靠近。该算法能够克服粒子群算法的早熟、局部最优等缺点,指导聚类中心寻找到全局最优解。通过理论分析与实验测试,验证了该算法在入侵检测系统中,能够大量减少告警数量,提高告警质量,具有较高的检测率和较低的误报率。
|
IDS alert clustering algorithm based on chaotic particle swarm optimization |
| |
| Xiao-bo XU,Qin-qin JIANG,Kang-feng ZHENG,Bin WU,Yi-xian YANG.IDS alert clustering algorithm based on chaotic particle swarm optimization[J].Journal on Communications,2013,34(3):105-110. |
| |
| Authors: | Xiao-bo XU Qin-qin JIANG Kang-feng ZHENG Bin WU Yi-xian YANG |
| |
| Affiliation: | 1. The 30th Institute of China Electronics Technology Group Corporation, Chengdu 610041, China;2. Information Security Center, Beijing University of Posts and Telecommunications, Beijing 100876, China |
| |
| Abstract: | In order to improve the quality of alerts in intrusion detection system (IDS) and reduce the large number of redundant alarms, an IDS alerts clustering algorithm based on chaotic particle swarm optimization was proposed.It made the motion of particles with characteristics of chaos,so as to make particles move between the state of chaos and stable, and gradually close to the optimal value. The CPSO algorithm could overcome the problem of premature and local opti-mization, and take the center of cluster to find the global optimal solution. The analysis and experiment show that the al-gorithm can significantly reduce the number of alerts improve its quality, and has a high detection rate and low false detection rate. |
| |
| Keywords: | intrusion detection system alert clustering chaos particle swarm opti ization |
|
| 点击此处可从《通信学报》浏览原始摘要信息 |
|
点击此处可从《通信学报》下载全文 |
|
