| 采用SOM-BMU距离度量的异常检测方法 |
| |
| 引用本文: | 陈卫军,贾伟峰. 采用SOM-BMU距离度量的异常检测方法[J]. 河南师范大学学报(自然科学版), 2009, 37(5) |
| |
| 作者姓名: | 陈卫军 贾伟峰 |
| |
| 作者单位: | 安阳师范学院,计算机教学部,河南,安阳,455000;安阳师范学院,计算机教学部,河南,安阳,455000 |
| |
| 摘 要: | 提出了一种基于SOM-BMU距离度量的网络异常检测方法,该方法通过t分布,构建了被测样本到BMU距离的置信区间,当被检测样本与BMU之间的距离不在该置信区间内时,认定网络异常发生.此外,为了提高该方法的自适应性,引入了滑动窗口的操作.实验阶段,对比了基于OC-SVM的网络异常检测方法.实验表明,该方法具有较高检测率、低误报率和自适应性的特点.
|
| 关 键 词: | 网络安全 异常检测 自组织映射 置信区间 滑动窗口 |
Anomaly Detection Method Adopting SOM-BMU Distance Metric |
| |
| CHEN Wei-jun,JIA Wei-feng. Anomaly Detection Method Adopting SOM-BMU Distance Metric[J]. Journal of Henan Normal University(Natural Science), 2009, 37(5) |
| |
| Authors: | CHEN Wei-jun JIA Wei-feng |
| |
| Abstract: | A network anomaly detection method based on SOM-BMU distance metric is proposed,which constructs a confidence range for distance between the sample and its BMU under student distribution.Anomaly detection is discovered when the distance is out of confidence range.In order to improve the self-adjustment to network situation,slide-window operation is used in this method.Experimental results in contrast to anomaly detection method based on One-Class SVM show that the method proposed in this paper gets high detection rate while keeping the false positive rate in a low level.The method can adjust it-self according to current network situation. |
| |
| Keywords: | network security anomaly detection SOM confidence range slide window |
| 本文献已被 万方数据 等数据库收录! |
|
