| 摘要: |
| 为应对层出不穷的新型网络入侵,提高对未知恶意行为的检测正确率,运用粗糙集理论对入侵检测问题进行建模.先用概率粗糙集建立入侵检测模型PRS-IDM,在此基础上生成基于变精度粗糙集的检测模型VRS-IDM和其中的阈值参数β.在VRS-IDM模型基础上对检测训练集数据进行约简并构造检测规则.模拟检测实验的结果证明本方法具有良好的检测正确率,同时能有效应付未知的潜在入侵行为. |
| 关键词: 变精度粗糙集 概率粗糙集 入侵检测 |
| DOI: |
| 分类号:TP939 |
| 基金项目:南京工程学院引进人才科研启动基金(272340726101101);国家自然科学基金资助项目(61373139) |
|
| Intrusion detection research on rough set model |
|
Chen Hang1,2 ,Xuan Hui3 ,Zhang Jiande11,2,3
|
|
1.Nanjing Institute of Technology, Computer Institute, Nanjing 211167, China;2.Key Library of Computer Network and Information Integration of Ministry of Education (Southeast University), Nanjing 211189, China;3.Nanjing Institute of Railway Technology, Nanjing 210031, China
|
| Abstract: |
| In response to those new network intrusion methods, and in order to improve detection rate for unknown malicious behaviors, rough set theory was used to construct models for intrusion detection problem. Firstly, intrusion detection model PRS-IDM was built with probabilistic rough set, the threshold parameter in it was used to build intrusion detection model VRS-IDM based on variable precision rough set. The detection training data set was reduced based on VRS-IDM and detection rules were constructed. The experiment proves that this method has a good detection collected rate, and deal with unknown potential intrusions effectively. |
| Key words: variable precision rough set probabilistic rough set intrusion detection |
