您好,我使用的是KDD 1999数据集,我一直希望在matlab中应用朴素贝叶斯。我想知道的是kdd数据集是一个494021x42数据数组,如果您在朴素贝叶斯代码中注意到下面的“ training”和“ target_class”:
training = [1;0;-1;-2;4;0]; % this is the sample data.
target_class = ['posi';'zero';'negi';'negi';'posi';'zero'];
% This should have the same number of rows as training data but why?
% Training and Testing the classifier (between positive and negative)
test = 10*randn(10,1) % this is for testing. I am generating random numbers.
class = classify(test,training, target_class, 'diaglinear')
% This command classifies the test data depening on the given training data using a Naive Bayes classifier
% diaglinear is for naive bayes classifier; there is also diagquadratic
我想知道“ Target_class”与kdd数据集攻击类型有关吗?
back dos
buffer_overflow u2r
ftp_write r2l
guess_passwd r2l
imap r2l
ipsweep probe
land dos
loadmodule u2r
multihop r2l
neptune dos
nmap probe
perl u2r
phf r2l
pod dos
portsweep probe
rootkit u2r
satan probe
smurf dos
spy r2l
teardrop dos
warezclient r2l
warezmaster r2l
还是目标类包含在“测试”集中的列标题?即
protocol_type: symbolic.
service: symbolic.
flag: symbolic.
src_bytes: continuous.
dst_bytes: continuous.
land: symbolic.
wrong_fragment: continuous.
最佳答案
如果您在以下位置阅读了任务定义,例如here,您将看到目标类确实是攻击类型。但是,训练集包含的攻击类型少于测试集。
这样做是出于现实的考虑,因为在您训练了入侵检测算法之后,它必须能够处理与现有攻击相似但又不同的新攻击类型。