%0 Journal Article
%T A Network Anomaly Detection Method Based on Transduction Scheme<br>基于直推式方法的网络异常检测方法
%A LI Yang
%A FANG Bin-Xing
%A GUO Li
%A CHEN You
%A <br>李洋
%A 方滨兴
%A 郭莉
%A 陈友
%J 软件学报
%D 2007
%I 
%X Network anomaly detection has been an active and difficult research topic in the field of intrusion detection for many years. Up to now,high false alarm rate,requirement of high quality data for modeling the normal patterns and the deterioration of detection rate because of some "noisy" data in the training set still make it not perform as well as expected in practice. This paper presents a novel network anomaly detection method based on improved TCM-KNN (transductive confidence machines for K-nearest neighbors) machine learning algorithm,which can effectively detect anomalies using normal data for training. A series of experiments on well known KDD Cup 1999 dataset demonstrate that it has lower false positive rate,especially higher confidence under the condition of ensuring high detection rate than the traditional anomaly detection methods. In addition,even provided with training dataset contaminated by "noisy" data,the proposed method still holds good detection performance. Furthermore,it can be optimized without obvious loss of detection performance by adopting small dataset for training and employing feature selection aiming at avoiding the "curse of dimensionality".
%K network security
%K anomaly detection
%K strangeness
%K TCM (transductive confidence machines)
%K TCM-KNN (transductive confidence machines for K-nearest neighbors) algorithm<br>网络安全
%K 异常检测
%K 奇异值
%K 直推式信度机
%K TCM-KNN算法
%U http://www.alljournals.cn/get_abstract_url.aspx?pcid=5B3AB970F71A803DEACDC0559115BFCF0A068CD97DD29835&cid=8240383F08CE46C8B05036380D75B607&jid=7735F413D429542E610B3D6AC0D5EC59&aid=6B7BB100309FB3B81DD5F1FE2FF80EE9&yid=A732AF04DDA03BB3&vid=13553B2D12F347E8&iid=F3090AE9B60B7ED1&sid=B0B896F08D444B98&eid=385F9ADEE3F55130&journal_id=1000-9825&journal_name=软件学报&referenced_num=1&reference_num=19