基于改进FastICA算法的入侵检测样本数据优化方法

doi:10.11959/j.issn.1000-436x.2016006

Abstract

Abstract:

For the purpose of achieving the better data optimizat sing results in intrusion detection, an improved FastICA algorithm was proposed. The weighted correlation coefficient was adopted in the phase of albinism processing to reduce information loss, and the Newton's iterative method was improved for third-order convergence. The algorithm was introduced concretely, meanwhile the time complexity was analyzed in detail. The experiment shows that the method has the advantages of less times of iteration and fast speed of convergence, which can effectively decrease the losses of data and increase the efficiency of data optimization in in ion detection.

Key words: intrusion detection, fast independent component analysis, data optimization, Newton's iteration method

Ye DU,dan ZHANGYa,hong LIMei,wei ZHANGDa. Improved FastICA algorithm for data optimization processing in intrusion detection[J]. Journal on Communications, 2016, 37(1): 42-48.

Figures/Tables 11

特征	说明
%user	在执行用户级应用程序时CPU的利用率
%system	在执行系统级内核时CPU的利用率
%iowait	在系统I/O请求时CPU的闲置时间
%idle	在系统无I/O请求时CPU的闲置时间
Tps	每秒传输给物理磁盘的任务总数
Rtps	每秒分配给物理磁盘的读请求数
Wtps	每秒分配给物理磁盘的写请求数
Bread/s	每秒从设备读取的数据总数
Bwrtn/s	每秒写入设备的数据总数
Pgpgin/s	每秒从硬盘调入的字节数
Pgpout/s	每秒调入硬盘的字节数
Fault/s	系统每秒的页面错误数
Majflt/s	系统每秒产生的主要错误数，即需要请求从硬盘加载内存页面
Pgfree/s	系统每秒放在空闲队列上的页面数
Pgscank/s	每秒被kswapd扫描的页面数
pgsteal/s	每秒钟从cache中被清除来满足内存需要的页面数
%vmeff	百分比每秒清除的页(pgsteal)占总扫描页(pgscank+pgscand)的
rxpck/s	每秒接收的数据分组数
txpck/s	每秒传输的数据分组数
rxkB/s	每秒接收的字节数
txkB/s	每秒发送的字节数
runq-sz	运行队列的长度（等待运行的进程数）
plist-sz	进程列表中进程（process）和线程（thread）的数量
ldavg-1	最后1 min的系统平均负载（system load average）
ldavg-5	过去5 min的系统平均负载
ldavg-15	过去15 min的系统平均负载
kbmemfree	可用的内存字节数
kbmemused	已用的内存字节数（包括buffer和cache的空间）
%memused	内存使用率
kbbuffers	被内核用作缓存的内存的字节数
kbcached	被内核用作缓存数据的内存的字节数
kbcommit	保证当前系统所需要的内存即为了确保不溢出而需要，的内存(RAM+swap)
%commit	kbcommit与内存总量(包括swap)的百分比
kbactive	当前活动的内存字节数
kbinact	当前不活动的内存字节数
frmpg/s	系统每秒释放的内存页面数
bufpg/s	系统每秒用作缓存的内存页面数
campg/s	系统每秒缓存的内存页面数
dentunusd	目录高速缓存中未被使用的条目数量
file-nr	文件句柄（file handle）的使用数量
inode-nr	索引节点句柄（inode handle）的使用数量
proc/s	每秒创建的任务数
cswch/s	每秒上下文切换数
pswpin/s	每秒置换进系统的页面数
pswpout/s	每秒置换出系统的页面数
kbswpused	使用的交换空间字节数
%swpused	交换空间使用率
kbswpcad	缓存的交换空间字节数
%swpcad	缓存的交换空间占比

References 18

[1]	国家互联网应急中心. 2013年我国互联网网络安全态势综述[J/OL]. .National Internet Emergency Center. The overview of Ch na's Internet network security situation in 2013[J/OL]. .
[2]	ANDERSO J P . Computer Security Threat Monitoring and Surveil-lance[P]. USA:PA 19034, 1980.4
[3]	LI M . An approach to reliably identifying signs of DDOS flood attacks based on LRD traffic pattern recognition[J]. Computers ＆ Security, 2004,23(7): 549-558.
[4]	王慧强，杜晔，庞永刚．入侵检测技术研究[J]. 计算机应用研究, 2003,10(20):90-94. WANG H Q , DU Y , PANG Y G . Research in intrusion detection tech-nology[J]. Application Research of Computers, 2003,10(20):90-94.
[5]	DEREK S , GUAN Q , FU S . An anomaly detection framework for autonomic management of compute cloud systems[C]// Computer Software and Applications Conference Workshops (COMPSACW).Seoul, c2010:376-381.
[6]	GUAN Q , ZHANG Z M , FU S . Ensemble of Bayesian predictors and decision trees for proactive failure management in clo computing systems[J]. Journal of Communications, 2012,7(1): 52-61.
[7]	夏敏纳，龚德良，肖娟．一种面向可靠云计算的自适应故障检测方法[J]. 计算机应用研究, 2013,31(2):426-430. XIA M N , GONG D L , XIAO J . An adaptive fault detection method for reliable cloud computing[J]. Application Research of Compu-ting, 2013,31(2):426-430.
[8]	HUSANBIR S , LIU J G , GUAN Q . AFD:adaptive failure detection system for cloud computing infrastructures[C]// Performance Computing and Communications Conference(IPCCC). Austin,TX, c2012:71-80.
[9]	ZHU Q , TERESA T , XIE Q . Automatic fault diagnosis in cloud infra-structure[C]// Cloud Computing Technology and Science(CloudCom). Bristol, c2013:467-474.
[10]	GUAN Q , FU S . Adaptive anomaly identification by exploring metric subspace in cloud computing infrastructures[C]// Reliable Distributed Systems(SRDS). Braga, c2013:205-214.
[11]	李娜，赵慧洁，贾国瑞．因子分析模型的高光谱数据降维方法[J]. 中国图象图形学报, 2011,16(11):2030-2035. LI N , ZHAO H J , JIA G R . Hyperspectral data dimensiona ity reduc-tion method based factor analysis model[J]. Journal Image and Graph-ics, 2011,16(11):2030-2035.
[12]	李乐，章毓晋．非负矩阵分解算法综述[J]. 电子学报, 2008(4):737-743. LI L , ZHANG Y J . Summary of non-negative matrix factorization al-gorithm[J]. Chinese Journal of Electronics, 2008(4):737-743.
[13]	蓝荣祎，孙怀江．基于逆运动学和重构式 ICA 的人体运动风格分析与合成[J]. 自动化学报, 2014,40(6):1135-1147. LAN R W , SUN H J . The style analysis and synthesis of uman mo-tion based on inverse kinematics and reconstruction type of ICA[J]. Acta Automatica Sinica, 2014,40(6):1135-1147.
[14]	荣宏，王会梅，鲜明．基于快速独立成分分析的RoQ攻击检测方法[J]. 电子与信息学报, 2013,35(10):2307-2313. RONG H , WANG H M , XIAN M . A method of RoQ attack detection based on FastICA[J]. Journal of Electronics ＆ Information Technolo-gy, 2013,35(10):2307-2313.
[15]	吴逊．基于独立成分分析的特征提取方法研究[D]. 厦门: 厦门大学, 2007. WU X . The Research on Features Extraction Method Based on In-dependent Component Analysis[D]. Xiamen: Xiamen University, 2007.
[16]	张卷美．一种新的迭代收敛阶数的证明与推广[J]. 大学数学, 2007,23(6):135-139. ZHANG J M . A new proof and promotion of iteration convergence order[J]. College Mathematics, 2007,23(6):135-139.
[17]	于明明，张妍．牛顿迭代法与几种改进格式的效率指数[J]. 数学的实践与认识, 2008,38(18):154-159. YU M M , ZHANG Y . The efficiency index of Newton iterative me-thod and serveral improve formats[J]. Journal of Mathe tics in Prac-tice and Theory, 2008,38(18):154-159.
[18]	范雪莉，冯海泓，原猛．基于互信息的主成分分析特征选择算法[J]. 控制与决策, 2013,28(6):915-919. FAN X L , FENG H H , YUAN M . Principal components analysis based on mutual information for feature selection algorithm[J]. Con-trol and Decision, 2013,28(6):915-919.

Metrics

Recommended 0

No Suggested Reading articles found!

方法	w	p	e
牛顿迭代法	2n	2	0.3 466n
改进牛顿迭代法	3n	3	0.3 662n

方法	主成分	贡献率s	累积贡献率d
	1	86.08%	86.08%
基于协方差的 PCA	2	6.57%	92.65%
基于协方差的 PCA	3	5.576%	98.42%
	1	19.94%	19.94%
MIPCA	2	19.94%	39.88%
	3	15.33%	55.21%
	1	91.38%	91.38%
基于加权相关系数的PCA	2	5.23%	96.61%
基于加权相关系数的PCA	3	2.36%	98.97%

方法	第一维独立成分			第二维独立成分
方法	最高	最低	平均	最高	最低	平均
传统FastICA	51	51	51	3	3	3
改进FastICA	4	3	3.2	2	2	2

方法	运行时间/s
方法	最多	最少	平均
传统FastICA	0.468	0.327 6	0.380 6
改进FastICA	0.156	0.109 2	0.137 3

Improved FastICA algorithm for data optimization processing in intrusion detection

RichHTML

PDF

Knowledge

Cited

Abstract

Cite this article

share this article

Figures/Tables 11

References 18

Related Articles 15

Metrics

Recommended 0

[1]	Xin SUN, Guifu ZHANG, Hongyan XING, Wang Zenghui. Research on intrusion detection for maritime meteorological sensor network based on balancing generative adversarial network [J]. Journal on Communications, 2023, 44(4): 124-136.
[2]	Yifeng WANG, Yuanbo GUO, Qingli CHEN, Chen FANG, Renhao LIN. Method based on contrastive learning for fine-grained unknown malicious traffic classification [J]. Journal on Communications, 2022, 43(10): 12-25.
[3]	Qixu LIU, Junnan WANG, Jie YIN, Yanhui CHEN, Jiaxi LIU. Application of adversarial machine learning in network intrusion detection [J]. Journal on Communications, 2021, 42(11): 1-12.
[4]	Jin HOU, Yunzhe LI, Tianyu LI. Underdetermined DOA estimation of coherent signals based on denoising complex FastICA and sparse reconstruction [J]. Journal on Communications, 2021, 42(11): 172-181.
[5]	Youliang TIAN,Yulong WU,Qiuxian LI. Optimum response scheme of intrusion detection based on information theory [J]. Journal on Communications, 2020, 41(7): 121-130.
[6]	Xinglan ZHANG,Shenglin YIN. Intrusion detection model of random attention capsule network based on variable fusion [J]. Journal on Communications, 2020, 41(11): 160-168.
[7]	Wei SUN,Peng ZHANG,Yongquan HE,Lichao XING. Attack detection method based on spatiotemporal event correlation in intranet environment [J]. Journal on Communications, 2020, 41(1): 33-41.
[8]	Zhen ZHANG,Peng WEI,Yufeng LI,Julong LAN,Ping XU,Bo CHEN. Feature selection algorithm based on improved particle swarm joint taboo search [J]. Journal on Communications, 2018, 39(12): 60-68.
[9]	Ying-xu LAI,Zeng-hui LIU,Xiao-tian CAI,Kai-xiang YANG. Research on intrusion detection of industrial control system [J]. Journal on Communications, 2017, 38(2): 143-156.
[10]	Ping ZHANG,Hui-min HE,Chun-yan ZHANG,Cong CAO,Yan-bing LIU,Jian-long TAN. FilterFA: a multiple string matching algorithm based on specification of character set [J]. Journal on Communications, 2016, 37(12): 103-114.
[11]	Jie SU,Wei-wei DONG,Xuan XU,Shuai LIU,Li-peng XIE. GHSOM intrusion detection based on Dempster-Shafer theory [J]. Journal on Communications, 2015, 36(Z1): 60-64.
[12]	Yang XIAO,Lei BAI,Xian WANG. Friends mechanism-based routing intrusion detection model for mobile ad hoc network [J]. Journal on Communications, 2015, 36(Z1): 203-214.
[13]	Xiao-nian WU,Xiao-jin PENG,Yu-yang YANG,Kun FANG. Two-level feature selection method based on SVM for intrusion detection [J]. Journal on Communications, 2015, 36(4): 19-26.
[14]	. Research on distributed genetic k-means for anomaly detection in MANET [J]. Journal on Communications, 2015, 36(11): 167-173.
[15]	. Adaptive AP clustering algorithm and its application on intrusion detection [J]. Journal on Communications, 2015, 36(11): 118-126.