一种基于截断平均LDA的有效网络入侵检测方法

2017 International Conference on Electrical and Information Technologies (ICEIT) Pub Date : 2017-11-01 DOI:10.1109/EITECH.2017.8255298

Elkhadir Zyad, Chougdali Khalid, Benattou Mohammed

{"title":"一种基于截断平均LDA的有效网络入侵检测方法","authors":"Elkhadir Zyad, Chougdali Khalid, Benattou Mohammed","doi":"10.1109/EITECH.2017.8255298","DOIUrl":null,"url":null,"abstract":"The network traffic data employed to build an intrusion detection system (IDS) is always large with ineffective information, that what decrease it efficiency. To deal with this issue, we need to remove the worthless information from the original high dimensional data by using a feature extraction method. The most famous technique which fulfills this role is Linear Discriminant Analysis. However, this method has an important limitation. The class mean vector employed in this method is always estimated by the class sample average. That is not enough to approximate the class mean, specially with the presence of outliers. In this paper, we suggest to use the truncated mean to estimate the class mean vector in LDA modeling. Many experiments on KDDcup99and NSL-KDD indicate the superiority of the proposed technique.","PeriodicalId":447139,"journal":{"name":"2017 International Conference on Electrical and Information Technologies (ICEIT)","volume":"36 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"An effective network intrusion detection based on truncated mean LDA\",\"authors\":\"Elkhadir Zyad, Chougdali Khalid, Benattou Mohammed\",\"doi\":\"10.1109/EITECH.2017.8255298\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The network traffic data employed to build an intrusion detection system (IDS) is always large with ineffective information, that what decrease it efficiency. To deal with this issue, we need to remove the worthless information from the original high dimensional data by using a feature extraction method. The most famous technique which fulfills this role is Linear Discriminant Analysis. However, this method has an important limitation. The class mean vector employed in this method is always estimated by the class sample average. That is not enough to approximate the class mean, specially with the presence of outliers. In this paper, we suggest to use the truncated mean to estimate the class mean vector in LDA modeling. Many experiments on KDDcup99and NSL-KDD indicate the superiority of the proposed technique.\",\"PeriodicalId\":447139,\"journal\":{\"name\":\"2017 International Conference on Electrical and Information Technologies (ICEIT)\",\"volume\":\"36 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-11-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 International Conference on Electrical and Information Technologies (ICEIT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/EITECH.2017.8255298\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 International Conference on Electrical and Information Technologies (ICEIT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/EITECH.2017.8255298","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 5

摘要

构建入侵检测系统所使用的网络流量数据往往是大量的无效信息，从而降低了系统的效率。为了解决这个问题，我们需要使用特征提取方法从原始高维数据中去除无用信息。完成这一任务的最著名的技术是线性判别分析。然而，这种方法有一个重要的限制。该方法中使用的类均值向量始终由类样本均值估计。这不足以近似类均值，特别是在存在异常值的情况下。在本文中，我们建议在LDA建模中使用截断均值来估计类均值向量。在kddcup99和NSL-KDD上的大量实验表明了该技术的优越性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

An effective network intrusion detection based on truncated mean LDA

The network traffic data employed to build an intrusion detection system (IDS) is always large with ineffective information, that what decrease it efficiency. To deal with this issue, we need to remove the worthless information from the original high dimensional data by using a feature extraction method. The most famous technique which fulfills this role is Linear Discriminant Analysis. However, this method has an important limitation. The class mean vector employed in this method is always estimated by the class sample average. That is not enough to approximate the class mean, specially with the presence of outliers. In this paper, we suggest to use the truncated mean to estimate the class mean vector in LDA modeling. Many experiments on KDDcup99and NSL-KDD indicate the superiority of the proposed technique.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2017 International Conference on Electrical and Information Technologies (ICEIT)

自引率

0.00%

发文量