###
Journal of ShangHai University of Electric Power :2021,37(6):591-596
View/Add Comment     Archive    Advanced search     HTML
←Previous   |   Next
面向入侵检测的机器学习方法综述
(上海电力大学 计算机科学与技术学院)
Overview of Machine Learning Methods for Intrusion Detection
(School of Computer Science and Technology, Shanghai University of Electric Power, Shanghai 200090, China)
Abstract
Image-text
References
Similar literature
本文已被:浏览 1433次   下载 1046
Received:February 28, 2020    
中文摘要: 入侵检测方法是基于网络的入侵检测系统的核心,可以是基于特征的,也可以是基于异常的。基于特征的检测方法具有较高的检测率,但不能检测到未知新型攻击;基于异常的检测方法可以检测到新型攻击,但误报率较高。为了降低入侵检测的误报率并提高其检测率,许多机器学习技术被应用到入侵检测系统中。通过对大量带有入侵数据训练样本的学习,构建了一个用于区分正常状态和入侵状态的入侵检测模型。针对目前入侵检测系统存在的高误报率、低检测速度和低检测率等问题,对机器学习技术在入侵检测系统中的的优势、系统检测的通用数据集以及系统评估指标进行了详细阐述,并对未来研究趋势进行了展望。
Abstract:The intrusion detection method is the core of the network-based intrusion detection system.It can be feature-based or anomaly-based.Feature-based methods have higher detection rates, but cannot detect unknown new types of attacks.Anomaly-based detection methods can detect new types of attacks, but the false positive rate is high.In order to reduce the false alarm rate and improve the detection rate, many machine learning techniques are applied to intrusion detection systems.It learns a large number of training samples with intrusion data to build an intrusion detection model that distinguishes between normal and intrusion states.This article describes the advantages of machine learning technology in intrusion detection systems, the general data set for system detection, and the system evaluation indicators and future prospects for high intrusion detection rates, low detection speeds, and low detection rates in current intrusion detection systems.
文章编号:20210614     中图分类号:TP309.1    文献标志码:
基金项目:国家自然科学基金(61802249,U1936213);上海高校青年教师培养资助计划(ZZsdl18006)。
Reference text: