本文已被:浏览 1401次 下载 1045次
投稿时间:2020-02-28
投稿时间:2020-02-28
中文摘要: 入侵检测方法是基于网络的入侵检测系统的核心,可以是基于特征的,也可以是基于异常的。基于特征的检测方法具有较高的检测率,但不能检测到未知新型攻击;基于异常的检测方法可以检测到新型攻击,但误报率较高。为了降低入侵检测的误报率并提高其检测率,许多机器学习技术被应用到入侵检测系统中。通过对大量带有入侵数据训练样本的学习,构建了一个用于区分正常状态和入侵状态的入侵检测模型。针对目前入侵检测系统存在的高误报率、低检测速度和低检测率等问题,对机器学习技术在入侵检测系统中的的优势、系统检测的通用数据集以及系统评估指标进行了详细阐述,并对未来研究趋势进行了展望。
Abstract:The intrusion detection method is the core of the network-based intrusion detection system.It can be feature-based or anomaly-based.Feature-based methods have higher detection rates, but cannot detect unknown new types of attacks.Anomaly-based detection methods can detect new types of attacks, but the false positive rate is high.In order to reduce the false alarm rate and improve the detection rate, many machine learning techniques are applied to intrusion detection systems.It learns a large number of training samples with intrusion data to build an intrusion detection model that distinguishes between normal and intrusion states.This article describes the advantages of machine learning technology in intrusion detection systems, the general data set for system detection, and the system evaluation indicators and future prospects for high intrusion detection rates, low detection speeds, and low detection rates in current intrusion detection systems.
文章编号:20210614 中图分类号:TP309.1 文献标志码:
基金项目:国家自然科学基金(61802249,U1936213);上海高校青年教师培养资助计划(ZZsdl18006)。
引用文本:
王亮亮,谷朝阳.面向入侵检测的机器学习方法综述[J].上海电力大学学报,2021,37(6):591-596.
WANG Liangliang,GU Zhaoyang.Overview of Machine Learning Methods for Intrusion Detection[J].Journal of Shanghai University of Electric Power,2021,37(6):591-596.
王亮亮,谷朝阳.面向入侵检测的机器学习方法综述[J].上海电力大学学报,2021,37(6):591-596.
WANG Liangliang,GU Zhaoyang.Overview of Machine Learning Methods for Intrusion Detection[J].Journal of Shanghai University of Electric Power,2021,37(6):591-596.