Active learning based network data anomaly detection method

A network data and anomaly detection technology, applied in data exchange networks, digital transmission systems, instruments, etc., can solve the problems of many training samples, difficult to have good classification characteristics, and high complexity

Inactive Publication Date: 2011-09-07
HARBIN INST OF TECH
View PDF0 Cites 29 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In order to solve the problems of many training samples, high complexity, and difficult to have good classification characteristics in the support vector ma

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Active learning based network data anomaly detection method
  • Active learning based network data anomaly detection method

Examples

Experimental program
Comparison scheme
Effect test

specific Embodiment approach 1

[0014] Specific implementation mode one: combine figure 1 To illustrate this embodiment, in the active learning mode, the training samples are actively selected according to the learning process, and the learning process is: the initialization phase and the cyclic learning phase, and the specific steps are as follows:

[0015] Candidate unlabeled sample set A, training sample set B, the number of samples in the initial training set N, and the number of current training samples n.

[0016] Step 1: Select C points in the unlabeled samples of candidate unlabeled sample set A as candidate cluster centers, perform iterative optimization clustering operation on candidate unlabeled sample set A, and select representative samples in the iterative clustering results Build a training sample set B;

[0017] The classification function surface of the support vector machine is a hyperplane H in the kernel space, and the hyperplane trained on the initial training set is H s , the actual o...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides an active learning based network data anomaly detection method, relating to an SVM (support vector machine) based detection method. The method solves the problems of more training samples, high complexity and poor classification feature of SVM in the traditional network data anomaly detection method. The method comprises the following steps: 1, choosing C points from unmarked samples as candidate cluster centers, carrying out iteration optimized clustering operation on candidate unmarked sample set A, and choosing representative samples from iteration clustering results to construct a training sample set B; 2, training an SVM on the training sample set B to obtain a training hyperplane; 3, choosing a sample which can best improve classification feature from the candidate unmarked sample set A according to sample choosing standards, making the sample with classification and then adding to the training sample set B; 4, retraining the SVM on the updated training sample set B; and 5, ending if detection precision reaches a preset value; if not, returning the step 3. The algorithm can effectively lower complexity if applied to anomaly detection research.

Description

technical field [0001] The invention relates to a detection method based on a support vector machine. Background technique [0002] The rapid development of computer and Internet has brought great changes to human society. However, due to the openness, complexity, information sharing, and security flaws in the design of network protocols, the development of computer networks is facing serious security threats. The construction of network security system has become the focus of research in the field of computer network, both in theory and in application. Intrusion detection technology is the identification and response to malicious behaviors of computers and network information resources. It can not only detect external intrusions, but also point out unauthorized activities of internal legal users. Intrusion detection technology is the main technical means to realize the active defense link in network security. When the intrusion is detected, the intrusion detection system...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/26G06K9/62
Inventor 张钧萍何淼陈雨时张晔
Owner HARBIN INST OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap