
An Anomaly Detection Method Based on Clustering and Principal Component Analysis (times cited: 4)
Abstract: An anomaly detection method based on clustering and principal component analysis (PCA) is proposed. The method uses cluster analysis to partition the training data into subsets, which yields the distribution of normal patterns in feature space. It then uses PCA to extract the feature profile of each behavior subset, and finally detects behavior records using the PCA transformation matrix of each subset. Experimental results demonstrate the effectiveness of the PCA-based anomaly detection method.

Source: Computer Engineering and Applications (《计算机工程与应用》), indexed in CSCD and the Peking University Core Journals list, 2006, No. 21, pp. 21-24 (4 pages)

Funding: Key Support Project of the Ministry of Public Security (No. 200342-823-01)

Keywords: intrusion detection, anomaly detection, clustering, principal component analysis
