入侵检测系统中的相反性综合降维模型

 为了提高入侵检测系统的性能，提出了一种综合降维方法。首先，借用类比推理方法，为两个多维向量建立相似距离算法。然后，基于人工免疫系统和遗传算法设计了一种对正常行为样本集合和异常行为样本集合的优化算法。最后，对采集到的网络行为样本，分别计算与优化的两个行为样本集合的相似度。把这两个相似度作为纵坐标和横坐标，行为样本被映射成二维坐标平面上的点。系统根据点的位置，判定行为是否异常。

A Synthetic Dimension Reduction in Intrusion Detection System

In order to improve the performance of IDS(Intrusion Detection System), a synthetic dimension reduction method is proposed in this paper. First of all, a similarity distance algrithm between two vectors based on analogy resoning is difined. Then, an optimization method based on Artificial Immune System(AIS) and Genetic Algorithm(GA) is used to meliorate the normal behavior set and abnormal behavior set. Finaly, a new behavior sample is sniffered from network. The distances between this new behavior sample and each of the two meliorated sets are calculated. Using these two distances as ordinate and abscissa, this new behavior sample is mapped into a point in a two dimensional coordinates plane from a multi dimensional vector space. According to the location of this point, a behavior can be determined whether it is an intrusion or not.