H. X. ZHOU ET AL.
Copyright © 2013 SciRes. CN
Let H denote the high-dimensional feature space and φ the nonlinear mapping. Nonlinear samples can be mapped into the high-dimensional feature space H by a kernel function K(x_i, x_j) = φ(x_i)·φ(x_j) and the mapping φ, so as to construct an optimal separating hyperplane in H. The points on the optimal separating hyperplane need to meet

ω · φ(x) + b = 0,  (1)

and the classification interval is equal to 2/‖ω‖. To obtain the best classification effect, the classification interval shall take its maximum, that is to say, ‖ω‖ shall take its minimum [6].
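The relation between the canonical constraint and the 2/‖ω‖ interval can be checked on a toy one-dimensional example (the sample values and hyperplane parameters below are illustrative, not from the paper):

```python
# Toy 1-D example: one support vector per class on the
# hyperplane's margin boundaries y_i*(w*x_i + b) = 1.
samples = [(0.0, -1), (2.0, +1)]  # (x, label) pairs, hand-picked
w, b = 1.0, -1.0                  # separating hyperplane w*x + b = 0

# The canonical constraint holds with equality on support vectors.
margins = [y * (w * x + b) for x, y in samples]
assert all(abs(m - 1.0) < 1e-9 for m in margins)

# Geometric classification interval is 2/||w||.
interval = 2.0 / abs(w)
print(interval)  # 2.0 -- exactly the gap between the two points
```

Minimizing ‖ω‖ subject to the constraint therefore widens this gap, which is the intuition behind the maximum-margin objective.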
In practice, the classic support vector machine cannot solve multi-class problems directly, so other approaches are needed. In [7], the author listed some common multi-class classification methods, such as the one-against-one method, the one-against-all method, the binary tree method, the error-correcting output codes (ECOC) method, and the directed acyclic graph SVM (DAGSVM) method.
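As a point of comparison for the coding approach developed below, the one-against-all strategy can be sketched as follows (the per-class scorers here are hand-set toy linear functions, not trained models):

```python
# One-against-all sketch: one scorer per class; the predicted
# class is the one with the largest decision value.
scorers = {
    "A": lambda x: 1.0 * x - 2.0,    # toy decision functions,
    "B": lambda x: -1.0 * x + 1.0,   # standing in for trained
    "C": lambda x: 0.5 * x - 0.25,   # binary SVMs
}

def classify(x):
    """Return the class whose scorer gives the highest value."""
    return max(scorers, key=lambda cls: scorers[cls](x))

print(classify(4.0))  # "A"
```

ECOC methods generalize this idea: instead of one classifier per class, a code matrix assigns each class a code word across several binary classifiers.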
2.2. Hadamard Coding Algorithm
The Hadamard error-correcting output codes method is a typical algorithm that decomposes a multi-class problem into several two-class problems. The Hadamard matrix was proposed by James Joseph Sylvester on the basis of orthogonality in 1867 [8]. It is a square matrix made of "−1" and "+1" entries, in which any two different rows are mutually orthogonal.
An N-dimensional Hadamard matrix H_N can be obtained from the N/2-dimensional matrix H_{N/2} by recursion:

H_N = \begin{pmatrix} H_{N/2} & H_{N/2} \\ H_{N/2} & -H_{N/2} \end{pmatrix}  (2)
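Sylvester's recursion can be sketched directly; note that the conventional seed H_1 = [+1] produces a constant "+1" first column, while the paper works with the sign-flipped variant whose first column is all "−1" (the same matrix negated):

```python
def hadamard(n):
    """Build an n x n Hadamard matrix (n a power of two) by
    Sylvester's recursion H_N = [[H, H], [H, -H]]."""
    if n == 1:
        return [[1]]
    h = hadamard(n // 2)
    top = [row + row for row in h]                   # [H  H]
    bottom = [row + [-v for v in row] for row in h]  # [H -H]
    return top + bottom

H = hadamard(4)
# Any two distinct rows are orthogonal (dot product zero).
for i in range(4):
    for j in range(i + 1, 4):
        assert sum(a * b for a, b in zip(H[i], H[j])) == 0
print(H[0])  # [1, 1, 1, 1]
```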
For an N-dimensional Hadamard matrix, any two rows or two columns are neither the same nor complementary, and the Hamming distance between any two rows or two columns is N/2. These features meet the needs of classifier training, but the first all-"−1" column in the matrix cannot be used for classifier coding, since a constant column places every class on the same side of the corresponding binary classifier. So the original N-dimensional matrix needs to be trimmed to a certain degree.
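The N/2 distance property is easy to verify numerically; the sketch below checks it on a small 4×4 Sylvester matrix (written out by hand, with the conventional "+1" first column):

```python
# A 4x4 Sylvester-Hadamard matrix, entries +1/-1.
H = [[1,  1,  1,  1],
     [1, -1,  1, -1],
     [1,  1, -1, -1],
     [1, -1, -1,  1]]
N = 4

def hamming(r1, r2):
    """Number of positions in which two rows differ."""
    return sum(a != b for a, b in zip(r1, r2))

# Any two distinct rows differ in exactly N/2 positions.
dists = {hamming(H[i], H[j]) for i in range(N) for j in range(i + 1, N)}
print(dists)  # {2}
```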
3. Experimental Design and Implementation
Experimental design includes two aspects: coding matrix
construction and the training of classifier. Coding matrix
construction is conducted on the basis of Hadamard ma-
trix. The classifier is implemented on the NS2 and LIBSVM platforms.
3.1. Construct Modified Coding Matrix
According to the characteristics of the matrix and coding
principles, the approach of Sparse-ECOC matrix struc-
ture can be shown as follows:
• Obtain an N-dimensional Hadamard matrix according to Equation (2).
• Delete the first "−1" column, obtaining an N × (N−1) matrix.
• Take the first l rows of the matrix, obtaining an l × (N−1) matrix.
• Choose one element from each row and replace it with "0", keeping the minimum Hamming distance as large as possible.
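The steps above can be sketched as follows; the zeroing rule here (element i of row i) is only a placeholder, since the paper leaves the exact positions to an optimization that keeps the minimum Hamming distance large:

```python
def hadamard(n):
    """Sylvester recursion, seed H_1 = [+1]."""
    if n == 1:
        return [[1]]
    h = hadamard(n // 2)
    return [r + r for r in h] + [r + [-v for v in r] for r in h]

def sparse_ecoc(n, l):
    """Sketch of the Sparse-ECOC construction: drop the constant
    first column, keep the first l rows, then replace one element
    per row with 0 (placeholder positions, see lead-in)."""
    H = hadamard(n)
    M = [row[1:] for row in H[:l]]   # l x (n-1) matrix
    for i, row in enumerate(M):
        row[i % len(row)] = 0        # one zero per row
    return M

M = sparse_ecoc(8, 5)
print(len(M), len(M[0]))  # 5 7
```

For l = 5 classes and N = 8 this yields a 5 × 7 code matrix, i.e. seven binary classifiers, each ignoring the class whose row is zeroed in its column.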
The symbol l denotes the number of sample classes. The modified coding matrix has a simple coding scheme, requires fewer classifiers, and is convenient to compute. Any two rows or two columns are neither the same nor complementary, and the Hamming distance between any two rows remains N/2 (the deleted first column is constant across rows, so removing it does not change the row distances).
The coding matrix constructed in this way is a ternary code matrix. In ternary encoding, element "1" denotes the positive class, element "−1" denotes the negative class, and element "0" means the class is ignored by that classifier [9]. The addition of zero elements makes each classifier simpler, so we call this coding matrix the Sparse-ECOC matrix.
The Sparse-ECOC matrix not only satisfies the train-
ing requirements of multi-class SVM classifier, but also
reduces each single classifier's construction time because
of the addition of zero elements. These properties effec-
tively improve the training speed and comprehensive
performance.
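Decoding with a ternary matrix can be sketched as follows: a test sample is run through all binary classifiers, and the predicted class is the one whose code word is nearest to the output vector, with zero positions contributing no distance (the toy 3×3 codebook below is illustrative, not the paper's matrix):

```python
# Ternary ECOC decoding sketch. Each column is one binary
# classifier; a '0' entry means that class takes no part in
# that classifier, so the position is skipped when decoding.
codebook = [[ 1,  1,  0],
            [-1,  0,  1],
            [ 0, -1, -1]]   # 3 classes x 3 classifiers (toy sizes)

def decode(outputs):
    """Return the index of the class whose code word is nearest
    to the classifier outputs, ignoring zero positions."""
    def dist(code):
        return sum(c != o for c, o in zip(code, outputs) if c != 0)
    return min(range(len(codebook)), key=lambda k: dist(codebook[k]))

print(decode([1, 1, -1]))  # 0
```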
3.2. Classifier Implementation
The Sparse-ECOC multi-class algorithm proposed in this paper mainly detects hello flooding attacks, denial-of-service (DoS) attacks, blackhole attacks, selective forwarding attacks and sybil attacks in WSNs. Attacks are detected and classified by analyzing the energy of nodes and the packet sending and receiving behavior in the network. To reduce computational complexity, we choose as few appropriate flow characteristics for each attack as possible.
For hello flooding attack, we select the energy of
package sent as its feature. For DoS attack, we select the
number of data packets received. For blackhole attack,
we select the number of route request replies received,
the number of route request replies sent, and the number
of route request replies dropped. For selective forwarding
attack, we select the number of route errors sent and the
number of route errors received. For sybil attack, we se-
lect the frequency of the node selected as cluster head
[10].
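The feature selection above can be summarized as a mapping from attack type to trace features; the key names below are illustrative stand-ins, not the paper's actual NS2 trace fields:

```python
# Hypothetical attack -> feature mapping for the five WSN
# attacks (feature names are assumptions, for illustration).
ATTACK_FEATURES = {
    "hello_flooding":       ["energy_of_packets_sent"],
    "dos":                  ["num_data_packets_received"],
    "blackhole":            ["rreq_replies_received",
                             "rreq_replies_sent",
                             "rreq_replies_dropped"],
    "selective_forwarding": ["route_errors_sent",
                             "route_errors_received"],
    "sybil":                ["cluster_head_frequency"],
}
print(sum(len(v) for v in ATTACK_FEATURES.values()))  # 8
```

Keeping the per-attack feature sets this small is what bounds the dimensionality of each binary classifier's input.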
Classifier realization mainly includes four processes: data
acquisition, data preprocessing, kernel function selection
and classifier training, algorithm verification (Figure 1).
1) Data acquisition: Build a hierarchical and clustered structure model of a WSN in NS2. We choose IEEE 802.15.4