V-detector Algorithm Research Articles

Improved V-detector algorithm based on bagging for earthquake prediction with faults

Improved V-detector algorithm based on bagging for earthquake prediction with faults

Research on the application of improved V-detector algorithm in network intrusion detection

Abstract Network intrusion detection has been widely discussed and studied as an important part of protecting network security. Therefore, this paper presents an in-depth study of the application of an improved V-detector algorithm in network intrusion detection. In this paper, we construct a V-detector intrusion detection model, adopt the “self-oriented” identification principle, and randomly generate detectors with large differences from the health library. A smaller number of detectors are used to compare the data information generated by the computer, and if they are similar, they are judged as intrusions. Intrusion detection experiments are performed on multiple types of networks by using classifiers to determine whether the access to be detected is an attack access. The experimental results show that the model has the lowest false alarm rate for mixed feature networks, with a false alarm rate of only 13% and a detection rate of 89%, with a sample size of 25,987. After the improvement of the V-detector intrusion detection model, the error correction output problem leads to a network intrusion with a miss rate of only 11% and a protection rate of 85%. The experimental data proved that the model has the advantages of large data size and comprehensive intrusion attack types.

Fuzzy optimized V-detector algorithm on Apache Spark for class imbalance issue of intrusion detection in big data

Fuzzy optimized V-detector algorithm on Apache Spark for class imbalance issue of intrusion detection in big data

A hybrid real-valued negative selection algorithm with variable-sized detectors and the k-nearest neighbors algorithm

A negative selection algorithm generates detectors to realize abnormality detection by simulating the maturation process of T cells in human immunity. Holes are areas of feature space that cannot be covered by the detector set and are the major factor in the degradation of algorithm performance. Conventional methods alleviate the hole problem by minimizing the coverage area of the holes. In this study, we approach the issue from a different angle. Holes are prone to form in the boundary area between the self and nonself regions, and when the self and the nonself cross or overlap, the hole problem becomes more serious. The k-nearest neighbors (k-NN) algorithm is more suitable than other methods for pending instance sets where the class domain crosses or overlaps more. Therefore, we propose a hybrid real-valued negative selection algorithm with variable-sized detectors (V-Detector) and the k-NN algorithm, abbreviated as V-Detector-kNN. The V-Detector-kNN hybrid algorithm first uses the V-Detector algorithm to classify, and then, for the problem that the nonself instances in the holes are misclassified as selfs, k-NN is introduced to classify those misclassified instances to improve the detection rate. Theoretical analysis proves that the V-Detector-kNN algorithm that we proposed has a higher detection rate than the V-Detector algorithm in most cases. Comparative experiments with 5 different algorithms on 9 UCI datasets show that our proposed algorithm ranks first in detection rate.

Using known nonself samples to improve negative selection algorithm

Negative selection algorithm is the core algorithm of artificial immune system. It only uses the self for training and generates detectors to detect abnormalities. Holes are feature space areas that the detector fails to cover, it is the root cause of the performance degradation of the negative selection algorithm. The conventional method generates a large number of detectors randomly to repair the holes, which is time-consuming and not effective. To alleviate the problem, we propose a V-Detector-KN algorithm in this paper. V-Detector is the abbreviation of the real-valued negative selection algorithm with Variable-sized Detectors, KN represents Known Nonself. The V-Detector-KN algorithm uses the known nonself as the candidate detector to further generate the detector based on the V-Detector randomly generated detector, so as to realize the repair of holes. Compared with the conventional method to randomly generate detectors to repair holes, our proposed V-Detector-KN method uses known nonself to repair holes, reducing the randomness and blindness of hole repair. Theoretical analysis shows that the detection rate of our algorithm is not lower than that of the conventional V-Detector algorithm. The results of experiment comparing with other 6 algorithms on 7 UCI data sets show the superiority of our proposed algorithm.

Tolerant V-Detector algorithm

V-Detector algorithm is an example of negative selection algorithm, proposed to distinguish between self and nonself samples, represented as real-valued vectors. It is used mainly for detecting anomalies in high dimensional datasets. For this purpose, the set of detectors is generated, usually in random way, base only on information about normal behaviour. The main problem with this algorithm is scalability and high computational complexity. This paper presents a new approach for building the detectors, inspired by idea from the tolerance rough sets. With this algorithm it is possible to detect an outliers as well as those samples which are very similar to both classes and their correct classification requires additional verification. Partially, it also solves the scalability problem as detectors has a higher discrimination power in comparing to its basic version.

Research on Fault Diagnosis of Rotor based on Improved V-detector Algorithm

A rotor fault diagnosis method based on improved V-detector algorithm is proposed in this paper for improving the rotor fault diagnosis accuracy. Firstly, the V-detector algorithm is advanced to improve the detection accuracy of the algorithm by changing conditions of the rejecting and accepting hypothesis testing to reduce the generation of the invalid detectors, and it optimizes the generated detector set referring to the regulatory mechanism of immune system on immune cells; secondly, the entropy value of the signal is used as a feature vector and divided into different self-sample sets according to fault types, several detector sets are generated by using the improved V-detector algorithm; then classifier for identifying rotor fault is finally designed based on such sets. Simulation results show that the improved V-detector algorithm can produce fewer detectors, and the number of detectors will not be obviously increased when the estimated coverage is increased from 95% to 99%. This approach improves the fault identification accuracy compared with the traditional V-detector algorithm.

An Intrusion Detection Model for Wireless Sensor Networks With an Improved V-Detector Algorithm

Due to the advantage of negative selection algorithm (NSA) in classification domain, this paper proposes an intrusion detection model named as wireless sensor networks (WSN-NSA) based on an improved V-detector algorithm for WSN. To overcome the problem of resource constraints of storage space, computing capacity and energy in WSN, the main strategy of the WSN-NSA is to establish a three level detection mechanism by taking the advantage of the cooperation of the base station, detection nodes, and ordinary nodes considering their different capabilities, and to modify the V-detector algorithm by modifying the detector generation rule and optimizing the detectors, and to use the principal component analysis to reduce the detection features. Two kinds of detectors sets which are memory detector set and mature detector set are used to detect the intrusion. The simulation results show that the proposed model outperforms the intrusion detection systems using the V-detector in the reduction of data storage space and computation, the increased detection rate, and the quick response to the secondary attack.

Study on extension negative selection algorithm

Aimed at the problems of low generation efficiency, serious redundancy and poor matching capability of detectors, the extension negative selection algorithm ENSA is proposed by fusing extenics and artificial intelligence system. The basic conceptions of ENSA are described by basic element, and the affinity between detector and antigen or antibody is calculated by dependent function. The algorithms of extension detector generation and optimisation are designed, and the parameters of them are analysed. Furthermore, the performance of ENSA is analysed both in theory and simulation experiment. The results from the Iris dataset show that when generating five detectors, the coverage rate of ENSA is 87.5% which is 70.28% higher than that of RNSA and 76.95% higher than that of V-Detector algorithm; when the expected coverage rate is 90%, three detectors are required in ENSA, which is 14 fewer than that of RNSA and 74 fewer than that of V-Detector algorithm; when the same antibodies are tested, the correct rate of ESNA and RNSA is 100% while the VDetector algorithm's is 90%.

二次否定选择算法

A negative selection algorithm (NSA) is an important method of generating artificial immune detectors for anomaly detection. However, traditional NSAs aim at eliminating self-recognized invalid detectors by matching randomly generated candidate detectors with the whole self-training set. The matching process of the training set (self-tolerance) contributes the main time cost of such NSAs. The self-tolerance of these NSAs only considers the relationship between candidate detectors and the self-training set, and does not consider the candidate detectors repetitive coverage with the existing detector set, which leads to unnecessary self-tolerance of candidate detectors and thus an excessive count of detectors and much lower efficiency of detector generation. In this paper, we put forward the dual negative selection algorithm (2-NSA), which includes two negative selection processes. In the first negative selection process, each randomly generated candidate detector first tolerates with the existing detector set and becomes a semi-mature detector when it does not match with any existing mature detector in the existing detector set. In the second negative selection process, the semi-mature detector outside the mature detectors coverage tolerates with the self-training set and becomes a mature detector when it does not match with any element in the self-training set. The 2-NSA avoids the time-consuming self-tolerance process of the candidate detector within the coverage of existing mature detectors, and thus greatly reduces the size of the detector set and improves detector generation efficiency. Theoretical analysis shows that 2-NSA effectively improves the efficiency of detector generation, reduces the time cost of the algorithm and reduces the false-positive rate of the detection system. The experimental results show that, for the Iris dataset and 99% expected coverage, 2-NSA has 99.84% and 95.69% fewer detectors, a 60.13% and 50.90% lower false-alarm rate, and a 99.79% and 66.84% lower time cost than the classical real-valued NSA and V-Detector algorithm respectively.