Intrusion detection method based on active learning

The invention discloses an intrusion detection method based on active learning. The method comprises the steps of: collecting historical data through a system log, and carrying out preprocessing to obtain a label sample data set; constructing a detection classification model based on an active learn...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Hauptverfasser:	WANG LONGHAI, YANG HAN, LI YONG, WANG KAIBO, CHEN TING, XU RUN, HU BINGXUAN, DAI QICAN, ZHENG ZHIHAO, REN TINGHAO, TANG JIAN, YU YUNHAO, JIN JIWEI, YANG JUNKUI, ZHOU ZHONGBO, JIANG ZAINENG, DENG DEMAO, DONG SHUANG, LI YAO, CHEN LINSEN, QIN YUMING
Format:	Patent
Sprache:	chi ; eng
Schlagworte:	CALCULATING COMPUTING COUNTING HANDLING RECORD CARRIERS PHYSICS PRESENTATION OF DATA RECOGNITION OF DATA RECORD CARRIERS
Online-Zugang:	Volltext bestellen
Tags:	Tag hinzufügen Keine Tags, Fügen Sie den ersten Tag hinzu!

Beschreibung
Zusammenfassung:	The invention discloses an intrusion detection method based on active learning. The method comprises the steps of: collecting historical data through a system log, and carrying out preprocessing to obtain a label sample data set; constructing a detection classification model based on an active learning strategy, and training the detection classification model in combination with a semi-supervised direct push type support vector machine to form a detection multi-classifier; and performing clustering analysis by using a K-Means clustering algorithm, and outputting a detection result in combination with the trained detection classification model. The algorithm provided by the invention not only depends on the classification result of a single classifier to determine the labeled samples, but also depends on the voting results of classifiers to determine labeled samples by training a plurality of classifiers, so that the labeling accuracy can be well improved. 本发明公开了一种基于主动学习的入侵检测方法，包括，利用系统日志采集历史数据并进行预处理，得到标签样本数据集；