Active learning based network data anomaly detection method

A network data and anomaly detection technology, applied in data exchange networks, digital transmission systems, instruments, etc., can solve the problems of many training samples, difficult to have good classification characteristics, and high complexity
CN102176701AInactive Publication Date: 2011-09-07HARBIN INST OF TECH
0 Cites 29 Cited by

Patent Information

Authority / Receiving Office
CN · China
Current Assignee / Owner
HARBIN INST OF TECH
Publication Date
2011-09-07
Estimated Expiration
Not applicable · inactive patent

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
Patent Text Reader

Abstract

The invention provides an active learning based network data anomaly detection method, relating to an SVM (support vector machine) based detection method. The method solves the problems of more training samples, high complexity and poor classification feature of SVM in the traditional network data anomaly detection method. The method comprises the following steps: 1, choosing C points from unmarked samples as candidate cluster centers, carrying out iteration optimized clustering operation on candidate unmarked sample set A, and choosing representative samples from iteration clustering results to construct a training sample set B; 2, training an SVM on the training sample set B to obtain a training hyperplane; 3, choosing a sample which can best improve classification feature from the candidate unmarked sample set A according to sample choosing standards, making the sample with classification and then adding to the training sample set B; 4, retraining the SVM on the updated training sample set B; and 5, ending if detection precision reaches a preset value; if not, returning the step 3. The algorithm can effectively lower complexity if applied to anomaly detection research.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The invention relates to a detection method based on a support vector machine. Background technique

[0002] The rapid development of computer and Internet has brought great changes to human society. However, due to the openness, complexity, information sharing, and security flaws in the design of network protocols, the development of computer networks is facing serious security threats. The construction of network security system has become the focus of research in the field of computer network, both in theory and in application. Intrusion detection technology is the identification and response to malicious behaviors of computers and network information resources. It can not only detect external intrusions, but also point out unauthorized activities of internal legal users. Intrusion detection technology is the main technical means to realize the active defense link in network security. When the intrusion is detected, the intrusion detection system...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More