计算机应用研究 (Application Research of Computers), 2011
Alarm correlation analysis based on SVM and fuzzy logic
Abstract:
This paper proposes an alarm correlation algorithm based on support vector machine (SVM) and fuzzy logic to address problems in the alarm correlation of network fault diagnosis, such as poor dynamic adaptability and a high false alarm rate. To handle network uncertainty and nonstandard data formats, the data pre-processing part employs a sliding time window, fuzzy time series and feature statistics. The alarm correlation part is realized through SVM training and identification. Experiments on the DARPA intrusion detection evaluation data set show that the algorithm has a lower false alarm rate, a higher compression ratio and better dynamic adaptability, which improves the efficiency of alarm correlation.