ERRORS ESTIMATING OF INCOMPLETION AND UPDATING STRATEGY IN IDS
Because there existed the problem of incomplete training sets in current intrusion detection systems, it results in false positive errors. In the paper, an ID model-IAIDM (Immune-based Adaptive Intrusion Detection Model) is firstly put forward. Based on the characteristics of IAIDM, a analytical method of discrete random process is introduced to estimate the ratio of false positive errors. The analytical results show that incomplete training sets mainly affect the peripheral regions of self space instead of the whole of sample space. According to the analytical results, an Incremental Algorithm (IA) is proposed to update incomplete training sets dynamically. The experiment results demonstrate IA algorithm can update local self space having changed instead of the whole space incrementally and dynamically so that IAIDM can adjust itself to the current network environment quickly.
Intrusion detection system incompletion natural immune system
FU-XIONG SUN
Institute of Information, Zhongnan University of Economics and Law, Wuhan 430074, China
国际会议
2006 International Conference on Machine Learning and Cybernetics(IEEE第五届机器学习与控制论坛)
大连
英文
2948-2953
2006-08-13(万方平台首次上网日期,不代表论文的发表时间)