基于径向基函数入侵检测学习系统的框架研究(IJMECS-V4-N1-3)

I.J.Modern Education and Computer Science, 2012, 1, 19-25

Published Online February 2012 in MECS (https://www.sodocs.net/doc/c53033307.html,/)

DOI: 10.5815/ijmecs.2012.01.03

A Frame of Intrusion Detection Learning System

Utilizing Radial Basis Function

Dr. S.Selvakani Kandeeban

Professor and Head, Department of Computer Applications,

Francis Xavier Engineering College, Tirunelveli, Tamilnadu, India

Email: sselvakani@https://www.sodocs.net/doc/c53033307.html,

Dr. R.S.Rajesh

Professor, Department of Computer Science and Engineering,

Manonmanium Sundaranar University, Tirunelveli, Tamilnadu, India

Email: rs_rajesh@yahoo.co.in

Abstract— The process of monitoring the events that occur in a computer system or network and analyzing them for signs of intrusion is known as Intrusion Detection System (IDS). Detection ability of most of the IDS are limited to known attack patterns; hence new signatures for novel attacks can be troublesome, time consuming and has high false alarm rate. To achieve this, system was trained and tested with known and unknown patterns with the help of Radial Basis Functions (RBF). KDD 99 IDE (Knowledge Discovery in Databases Intrusion Detection Evaluation) data set was used for training and testing. The IDS is supposed to distinguish normal traffic from intrusions and to classify them into four classes: DoS, probe, R2L and U2R. The dataset is quite unbalanced, with 79% of the traffic belonging to the DoS category, 19% is normal traffic and less than 2% constitute the other three categories. The usefulness of the data set used for experimental evaluation has been demonstrated. The different metrics available for the evaluation of IDS were also introduced. Experimental evaluations were shown that the proposed methods were having the capacity of detecting a significant percentage of rate and new attacks.

Index Terms—Genetic algorithm, Intrusion Detection, KDD

99 Data Set, Radial Basis Function neural Network.

I.I NTRODUCTION

In recent years Security attacks through Internet has increased to many folds and Information security becomes a serious global concern of the present time. The growth of Internet has brought not only the benefits but also the security threat to the modern world. The threats on the Internet can translate to substantial losses resulting from business disruption, loss of time and money and damage to reputation.

The growth of Internet has brought about great benefits to the modern society; meanwhile, the rapidly increasing connectivity and accessibility to the Internet has posed a tremendous security threat. Malicious usage, attacks and sabotage have been on the rise as more and more computers are put into use. The attacks on the Internet have become both more prolific and easier to implement because of the ubiquity of the Internet and the pervasiveness of easy-to-use operating systems and development environments.

An IDS typically operates behind the firewall looking for patterns in network traffic that might indicate malicious activity. The existing network security solutions including firewalls were not designed to handle network and application layer attack such as Denial of Service. The unauthorized activities on the Internet are not only by the external attackers but also by internal sources. These internal activities cannot be prevented by a firewall which usually stops the external traffic from entering the internal network.

Technologies such as anti-virus and anti-malware are of importance. IDS forms the main backbone of detection and add a whole other layer of protection, by analyzing certain criteria that other antivirus cannot, therefore improving security and coving all aspects of malicious activity not just from a single source of attack such as viruses. They are also extremely useful not only in protecting the network but also for identifying problems with security policies, documenting and categorizing current threats to the system. There is a need for IDS system because it is very hard to detect malicious behaviour in a networked environment without it and as well make sure that access rights are being enforced correctly [6].

IDS is a security system that monitors any unauthorized access, violations and malicious activities in the network system. There are two main types of IDS, such as NIDS (Network based IDS) and HIDS (Host based IDS). A network based IDS monitors network traffic on a particular segment or device and analyse the network transport and application layer protocols to identify malicious activity. This particular system looks for patterns of network traffic in order to determine attack variations. A host based IDS is responsible for a single host only. The primary function is to categorize the various system and data files, so that any attempt at access is logged, monitored the traffic and reported.

This paper is organized as follows: section 2 presents an overview of related works. The data set used is described in section 3. Then section 4 describes the first two phases of our work followed by the continuation of

20 A Frame of Intrusion Detection Learning System Utilizing Radial Basis Function

RBF training. Finally section 5 describes the experimental results of our method applied to (Defense Advanced Research Projects Agency) DARPA data set followed by conclusions and future work.

II.BACKGROUND STUDY

The application of neural networks to intrusion detection has been investigated by many researchers. Properly designed and implemented, neural networks have the potential to address many of the problems encountered by rule based approaches.

Lippmann and Cunningham [8] of MIT (massachusetts institute of technology) Lincoln Laboratory conducted a number of tests employing neural networks for misuse detection (Planquart, 2001; Rhodes et al. 2000). The system was searching for attack-specific keywords in the network traffic [15,16]. A multilayer perceptron had been used for detection UNIX host attacks, and attacks to obtain root-privilege on a server. The system was trying to detect the presence of an attack by classifying the inputs into two outputs: normal and attack. The system was able to detect 80% of attacks. The main achievement of this system was its ability to detect old as well as new attacks which was not included in the training data.

L. Girardin [11] of UBILAB laboratory performed clustering of network traffic in order to detect attacks. A visual approach [17] was chosen for attack association (Sabhnani and Serpen, 2003). Self Organizing Maps (SOM) were employed to project network events on an appropriate 2D-space for visualization and then the network administrator analyzed them. Intrusions were extracted from the view by highlighting divergence from the norm with visual metaphors of network traffic. The main disadvantage of this approach is its need in interpretation of network traffic by an administrator or other authorized person to detect attacks.

Kayacik et al. utilize KDD Cups data set for the experiments [12]. They create three layers of employment (Kayacik et al., 2003): First, individual SOM are associated with each basic Transmission Control Protocol (TCP) feature. This provides a concise summary of the interesting properties of each basic feature as derived over a suitable temporal horizon. Secondly, integrates the views provided by the first level SOM into a single view of the problem. At this point, they used the training set labels associated with each pattern to label the respective best matching unit in the second layer. The third layer is built for those neurons, which win for both attack and normal behaviors. The results in third layer SOMs being associated with specific neurons in the second layer. Moreover, the hierarchical nature of the architecture means that the first layer may be trained in parallel and the third layer SOMs were only trained over a small fraction of the data set.

Several researchers have combined Multi-Layer Perceptron (MLP) and Self-Organizing Map (SOM) in their attempt to create an intrusion detection system. Cannady et al. of Georgia Technical Research Institute and Fox et al. have investigated application of MLP model and SOM for misuse detection (Fox et al., 1990; Cannady and Mahaffey, 1997; Planquart, 2001). They [4,5,10] have used a feed-forward network with back-propagation learning, which contained 4 fully connected layers, 9 input nodes and 2 output nodes (normal and attack). The network had been trained for a certain number of attacks. The network was succeeded in identifying attacks for which it was trained for. It has been shown that network traffic can be efficiently modeled using [2, 7, 8] artificial neural networks (Aussem et al. , 2000; Cunningham and Lippmann, 2000; Cunningham and Lippmann 2000b), therefore MLP was chosen to examine network traffic data. SOM had been used to group network traffic together to present it to the neural network [20, 11, 12], as SOM have been shown to be effective in novelty detection (Ypma and Duin, 1998; Girardin and Brodbeck, 1998; Kayacik et al., 2003). Agarwal et al. propose a two-stage [1] general-to-specific framework for learning a rule based model to learn classifier models on a data set that has different distribution class in the training data (Agarwal and Joshi, 2000). They utilized KDD Cups database for training and testing their system. The system performed very well on detecting Probing and DOS(Denial of Service) attacks identifying 73.2% and 96.6% respectively. 6.6% of U2R (User to Root) attacks and 10.7% of R2L (Remote to Local) were detected. False alarms were generated at a level of less than 10% for all attack categories except for U2R – an unacceptably high level of 89.5% false alarm rate was reported for this category.

Levin creates a set of locally optimal decision trees (decision forest) from which optimal subset of trees (sub-forest) was selected for predicting new cases (Levin, 2000). 10% of KDD Cups database is used for training and testing [1, 14]. Data was randomly sampled from the entire training data set. Multi-class detection approach was used to detect different attack categories in the KDD data set. Just like Agarwal and Joshi (Agarwal and Joshi, 2000) Levin tried to classify the data into four main categories: Probing, DOS, U2R, and R2L. The final trees shows very high detection rates for all classes including the R2L in the entire training data set. In particular, 84.5% detection rate for Probing, 97.5% for DOS, 11.8% for U2R, and 7.32% for R2L. The following false alarm rates were detected for Probing, DOS, U2R and R2L attack categories respectively - 21.6%, 73.1%, 36.4%, and 1.7%.

Ertoz (Ertoz et al., 2001) used Shared Nearest Neighbor technique (SNN) that is particularly suited for finding clusters in data of different sizes [9], density, and shapes, mainly when the data contains large amount of noise and outliers. K-Means performed very well on Probing, DOS, and R2L, detecting 91.8%, 98.75%, and 77.04% respectively. Detection rate for U2R is 5.6%. SNN performed in the following manner: 73.48% for Probing, 77.76% for DOS, 37.82% for U2R, and 68.15% for R2L. False alarms were not discussed by the author. Yeung et al. propose a novel detection approach using non-parametric density estimation based on Parzen-window estimators with Gaussian kernels to build an intrusion detection system using normal data only. The results were very high in most cases: 99.17% detection of Probing, 96.71% of DOS, 93.57% of U2R, and 31.17% of R2L. No false alarms information was available [19]. The main advantage of this technique was its capability of classifying the attack, not just detecting it.

III.T HE D ATA S ET

The data set for our experiments were prepared by the 1998 DARPA Intrusion evaluation program by MIT Lincoln Labs [13]. The data set has 41 attributes and 24 attack types that could be classified into four main categories:

?DOS: Denial – of – Service, e.g., SYN flood

?R2L: Unauthorized access from a remote machine, e.g., guessing password

?U2R: Unauthorized access to local super user(root) privileges, e.g., buffer overflow

attacks;

?Probing: Surveillance and other probing, e.g., Port Scanning

dataset, 10% of the full training dataset and of the testing dataset. It can be noticed that the normal, probe and DoS connections keep their distribution across the three datasets while the same is not valid for U2R and R2L connections. For U2R connections a slight increase in number of instances in the test dataset versus the training dataset can be noticed. U2R instances represent 0.01% of the 10% training dataset and 0.2% of the test dataset. On the other hand, the proportion of the R2L connections dramatically increases in the test dataset (5.2%) compared to the training one (0.2%). Furthermore, the

R2L connections are spread in space posing real challenge for determining an accurate model for classification.

The data set contains six million records. Each connection is labeled as either normal or as an attack, with exactly one specific attack type. Each connection record consists of about 100 bytes. Table I shows the various attacks present in KDD 99 cup set.

There are so many criticism against the work based on the DARPA data set. Being the only comprehensive data set that can be shared for IDS evaluation it becomes reasonable to analyze the shortcomings and also its importance and strengths for such a critical evaluation. The main criticisms against the DARPA data set are by McHugh and by Mahoney. McHugh criticizes the procedures used in building the data set and in performing the evaluation. Mahoney comments on the irregularities in the data, like the obvious difference in the (Time To Live) TTL value for the attacks as well as the normal packets, which makes even a trivial detector showing appreciable detection rate.

The general thought that even with all the criticisms, the DARPA data set is still rigorously used by the research community for the evaluation of IDS. The non availability of any other data set that includes the complete traffic was probably the initial reason to make use of the DARPA data set for evaluation by a researcher in IDS. Also the experience while trying to work with the real data traffic was not good; the main reason being the lack of the information regarding the status of the traffic. It involves high cost if an attempt is made. The research work that used the real network data was not able to report the detection rate or other evaluation metrics for a comparison purpose.

Mahoney comments that if an advanced IDS could not perform well on the DARPA data set, it could also not perform acceptably on realistic data. Hence before thinking of junking the DARPA data set, it is wise to see whether the State of the art IDS performs well, in the sense that it detects all the attacks of the DARPA data set.

TABLE I

A TTACKS PRESENT IN THE D ATA S ET

Attack

Class

Attack Type

Probe Portsweep, ipsweep, Isdomain,

ntinoscan, mscan, illegal-

sniffer,queso, satan

DOS Apache2,smurf,neptune,dosnuke,land,

pod,back,teardrop,tcpreset,syslogd,cra

shiis,arrppoison, mailbomb, selfping,

processtable,udpstrom, warezclient

R2L Dict,netcat,sendmail,imap,ncftp,xlock,

xsnoop,shtrojan,framespoof,ppmacro,

guest,netbus,snmpget,ftpwrite,httptun

nel, phf, named

U2R Sechole,xterm,eject,ntfsdos,nukepw,se

cret,perl,ps,yaga,fdformat,ppmacro,fff

config, casesen, loadmodule,sqlattack.

IV.

O UR M ETHODOLOGY

Our methodology is divided in to three phases as follows. Features were reduced based on Correlation and optimized rules were developed using Genetic Algorithm and new attack patterns were detected by learning the patterns from the Neural Network Radial Basis Function Networks as shown in Figure 2.

As the first step in our work is to cope with the speed problem mentioned above, we have used the results obtained in our previous work [18] where we deployed Information Gain based Mutual Information, in order to extract the most relevant features of the data. In this way, the total amount of data to be processed is highly reduced. As an important benefit of this arises the high speed of training the system thus providing high refreshing rate of the rule set.

Subsequently, these features are used to form rules for detecting various types of intrusions using Genetic Algorithm. This permits the introduction of higher level of generality and thus to higher detection rates. The procedure starts from an initial population of randomly generated individuals. Then the population is evolved for a number of generations while gradually improving the qualities of the individuals in the sense of increasing the fitness value as the measure of quality. The final step is to train the network using Radial Basic Function Network to detect the unknown attack.

V. R ADIAL B ASIS F UNCTION L EARNING S TRATEGIES

In a RBF network, different layers perform different tasks. Therefore it is useful to separate the optimization of the hidden unit and output layers of the network by using different techniques. There are different learning strategies in the design of an RBF network depending on how the centers of RBFs of the network are determined: fixed centers, selection of centers. The adjustable parameters within a radial basis function network that effect classification accuracy and that may provide information for rule extraction such as the number of basic functions used, location of the centre of the basis function, width of the basis function, and the weights connecting the hidden RBF units to the linear output units as shown in Figure 3.

We apply Gaussian function as its basis function which has a center at a data point X i and distinct speed σi

)

2exp(

)(22

i

i i

i X

X X

X σ

φ?=? (1)

Two things to be viewed; First it can be seen as a technique for determining how the neural network performs any given input to output mapping. Second often this process may produce rules that are more accurate than the original rules that may no longer provide a faithful reproduction of the original operation. The local nature of each RBF hidden unit enables a simple translation into a single rule.

If feature 1 is X and Feature 2 is Y……………..If Feature n is N then attack1.

where a feature is composed of upper and lower bounds calculated by the RBF centre μn positions, RBF width σ and feature steepness S. The values of μ and σ are determined by the RBF training algorithm.

S

X S X i i upper i i lower +?=?+=σμσμ (2)

This has a major advantage to require nothing else that the training set to work (no step learning and threshold) or other parameters. In this RBF network, each attack is represented by a hidden neuron, and each output realizes the union of some of them in order to form the corresponding attack. This approach is considered as a fully self organized one. In-fact it determines a minimal number of local units needed to represent the whole classes known from the learning set. In the same time, it places them in such a manner that the receptive field inducted by each hidden neuron covers optimally, in

some sense, the attribute space. Each of these receptive

fields is controlled by a scale factor, the width σ of the neuron which is automatically adjusted according to the closest attack. So from only the learning set and after a number of iterations proportional to the number of defined neurons, the algorithm gives the size and structure of the RBF net. Several metrics are used to evaluate and compare the performance of Intrusion Detection Systems (IDSs). The most basic metrics are the detection and false alarm rates. The detection rate is equal to the number of intrusions detected divided by the total number of intrusions in a data set, while the false alarm rate is equal to the number of normal instances detected as intrusions divided by the Figure.2. System Flow

Figure 3. RBF Neural Network

number of normal instances in a data set. False alarms are also referred to as false. The diagnosis rate (or recall), meaning the number of correctly classified intrusions divided by the total number of intrusions, is also a relevant metric.

VI.E XPERIMENTS AND R ESULTS

The experimental results demonstrate that the proposed approach to recognize network attacks performance especially in terms of both efficient and accuracy. Neural Network RBF is chosen by us due to their capability to recognize an attack, to differentiate one attack from another, i.e. classify attack and most important, to detect new attacks that were not included into the training set. The results obtained indicate that it is possible to recognize attacks that the intrusion detection system never faced before on an acceptably high level.

The main problem with the IDS approach that they had chosen was that they all attack in the data set, though many of those attacks did not have enough records for training. If an attack doesn’t have enough presence (IMAP attack had only 12 records), it should not be used for training. From the works specified in the review, they grouped the attacks what potentially can lead to a misdetection since not all of the attacks in the same group have identical signature and patterns.

Thus a different approach was chosen to detect and classify attack. The main advantage of this approach was data formatting which allowed us to increase the accuracy rate up to 100% in some cases and the most important advantage, to achieve a high percentage of identification of the attacks that were not included into the training set. The differences between out approach and the approach of other researches are summarized below. First, we have chosen a different strategy in preprocessing. Before using the data set, we made a thorough analysis of the given data. We found out that there are a lot of repeated records. It was obvious that some attacks, such as Smurf were taking more than 50% of the whole data set and some attacks have only 10 or even less records. To optimize the data set, to make it appropriate for the training and testing we wrote a methodology using correlation, that was capable of resolving mentioned above problems and to prepare the data set to use. So the data set was optimized and repeated records were removed and insignificant number of records was omitted.

Features were also selected by the Correlation.

The second important difference was the training set composition. We created training sets, trying to keep even distribution of the attacks in the set and rules formed by Genetic algorithm. Attacks with the most number of records were chosen to be in the training set. The following attacks were used to train and to test. Smurf, Satan, Neptune, IPSweep, Back. The following attacks were chosen for the unknown (not trained) set of attacks. Buffer_overflow, Guess_pswd, NMap, Teardrop, Warezclient.

We can go more into detail with the analysis of the performance of the three IDSs by comparing the output confusion matrices listed in. Rows represent the labels of the connections and columns represent the class attributed by the IDS. The last row displays the rate of true positives (e.g. 71.0% of the connections classified as normal are normal) and the last column displays the accuracy (e.g. 99.3% of normal traffic was classified as normal).

It can be seen in TABLE II that the IDS performs well

on normal and DoS connections, on probe it has a rather poor performance (70.1% diagnosis) and misclassifies most of U2R (15.7% diagnosis) and R2L (2.2% diagnosis) connections. Most of the misclassified probe,

U2R and R2L connections are classified as normal. The models for normal and DoS traffic are fairly accurate since they had a large set of training instances to build on.

Figure 4 represents the values of square error values at 10 input patterns after training neural network. We see the largest value for error is 2*10^ (-31), it is very small value so this ensures the accuracy of RBF in learning this system. The elapsed learning time is 6.334682 seconds; this time is small as it has no iterations which in BP, this also ensures the speed of system under this algorithm. Number of neurons in hidden layer is smaller than in BP, this reduces the cost of system.

The lowest accuracy is 91% for Satan and the highest is 100% for Smurf and Neptune. These results helps to make a conclusion that attacks can be differentiated, thus classified. At this point we proceeded with the most interesting and exciting phase of the experiments – untrained (unknown) attack identification.

When we compared the results with the previous work, it was notable that the chosen technique had its own advantage. First of all, we managed to detect the attacks exactly. Second, classification of the trained attacks was successful with the rate of 90-100%. Third, and the most important was the inability to detect new unknown attacks which were not included into the training set. The accuracy of detecting new unknown attacks was between 80% and 100%.

Figure 4. Square Errors for Each Input Patterns

TABLE II. CONFUSION MATRIX

Predicted / Actual Smurf Ipsweep Nmao Neptune Land Teardrop

%

Correct

Smurf 72535 0 0 1 0 0 99.6 Ipsweep 2 0 0 0 2 0 99.1 Nmap 375 1 737 2 5 0 97.4 Neptune 504 0 2 2922 0 3 93.2 Land 47 0 9 0 242 5 89.4 Teardrop 9 0 0 0 0 2 86.9 % Correct 83.3 93.2 99.2 94.6 89.9 86.3

VII.C ONCLUSION

Many modern commercially used IDS employ the techniques of expert systems which require constant updates from the vendors. This design makes the IDS static, inflexible, not capable of detecting new attacks. In the context of intrusion detection in a computer network, attacks such as R2L and U2R resulted in small number of traffic packets seem to pose a real challenge for detection and diagnosis. It is very hard to build an efficient Classifier to detect Novel attacks. Usually simplicity and speed are traded for accuracy and machine learning methods are complemented by traditional signature based methods.

After performing our experiments, we concluded that with appropriate data formatting, optimizations, data set composition, neural networks demonstrates a very good performance and potential in detecting and classifying trained attacks as well as new unknown attacks which were not included into the training set. This aspect should be further investigated in order to deploy effective IDS s based on Neural Network.

R EFERENCES

[1]Agarwal, R. and M. Joshi. “PNrule: A New

Framework for Learning Classifier Models in Data

Mining”. Technical Report TR 00-015, Department

of Computer Science, University of Minnesota 2000. [2]Aussem, A., et al.. “Queueing Network Modelling

with Distributed Neural Networks for Service Quality Estimation in B-ISDN Networks”.

Proceedings IEEE-INNS-ENNS International Joint

Conference on Neural Networks, Como, Italy 2000. [3]Bernhard Pfahringer, “Winning the KDD99

Classification Cup: Bagged Boosting”, ACM

SIGKDD Explorations Newsletter, Volume 1, Issue 2,

p. 65-66 January 2000.

[4]Cannady, J.. “Artificial Neural Networks for Misuse

Detection”. National Information Systems Security

Conference on Neural Networks, Como, Italy 1998. [5]Cannady, J. and J. Mahaffey. “The application of

artificial intelligence to misuse detection”.

Proceedings of the 1st Recent Advances in Intrusion

Detection (RAID) Conference 1997.

[6]Computer Security and Intrusion Detection,

https://www.sodocs.net/doc/c53033307.html,/crossroads/xrds11-1/csid.html [7]Cunningham, R. and R. Lippmann. "Improving

Intrusion Detection performance using Keyword

selection and Neural Networks." Computer Networks

34(4): 597—603 2000.

[8]Cunningham, R. and R. Lippmann. "Detecting

Computer Attackers: recognizing patterns of

malicious stealthy behavior." MIT Lincoln Laboratory - Presentation to CERIAS 2000.

[9]Ertoz, L., et al.. “Finding Clusters of Different Sizes,

Shapes, and Densities in Noisy, High Dimensional

Data”. Technical Report, University of Toledo 2001. [10]Fox, K., et al.. “A Neural Network Approach

Towards Intrusion Detection”. Proceedings of the

13th National Computer Security Conference,

Washington, D.C. 1990.

[11]Girardin, L. and D. Brodbeck. “A Visual Approach

for Monitoring Logs”. 12th System Administration

Conference (LISA ’98), Berkeley, CA. 1998.

[12]Kayacik, G., et al.. “On the Capability of an SOM

based Intrusion Detection System”. Proceedings of

the International Joint Conference on Neural

Networks, 2003.

[13]KDD Cup 1999 Task Description, Available:

https://www.sodocs.net/doc/c53033307.html,/databases/kddcup99/task.html [14]Levin, I., "KDD-99 Classifier Learning Contest

LLSoft's Results Overview." SIGKDD Explorations

vol. 1, 2000.

[15]P lanquart, J., “Application of Neural Networks to

Intrusion Detection” . SANS Institute, Available at:

https://www.sodocs.net/doc/c53033307.html,/reading_room/whitepapers/dete

ction/336.php?, 2001.

[16]Rhodes, B., et al., “Multiple Self-Organizing Maps

for Intrusion Detection”. National Security Systems

Security Conference, Baltimore, MD. 2000.

[17]Sabhnani, M. and G. Serpen,. “Application of

Machine Learning Algorithms to KDD Intrusion

Detection Dataset within Misuse Detection Context”.

Proceedings of the International Conference on

Machine Learning, Models, Technologies and

Applications (MLMTA 2003), Las Vegas, NV. 2003. [18]Selvakani.S, Rajesh.R.S, “Improving ID

performance using GA and NN”, International

Journal of Computer Aided Engineering and

Technology, Vol.13, N0.1/2/3, Sep 2008.

[19] Yeung, D. Y. and C. Chow, “Parzen-window

Network Intrusion Detectors”. Sixteenth International Conference on Pattern Recognition , Quebec City, Canada, 2002. [20] Ypma, A. and R. Duin, “Novelty Detection using

Self-Organizing Maps”. Progress in Connectionist- Based Information Systems , Springer. 1998.

Dr. S. Selvakani received the MCA degree from Manonmanium Sundaranar University and M.Phil degree from Madurai Kamaraj University. She received Her research interest includes Network Security and Soft computing. She has presented 8 papers in National Conference and 1 paper in international conference. She has published 3 paper in National journal and 11 papers in International Journals. She is currently pursuing her Ph.D degree in Network Security under the Guidance of Dr. R.S.Rajesh. Presently she is working as a Professor and Head, MCA Dept in Francis Xavier Engineering College, Tirunelveli, India.

Dr. R. S Rajesh received his B.E and M.E degrees in Electronics and Communication Engineering

from Madurai Kamaraj University, Madurai, India in the year 1988 and 1989 respectively, and completed his Ph.D in

Computer Science and Engineering from Manonmaniam Sundaranar University in the year 2004. In September 1992 he joined in Manonmaniam Sundaranar University where he is currently working as Reader in the Computer Science and Engineering Department.

用径向基函数求微幅波的势函数

用径向基函数求微幅波的势函数 一、 径向基函数 1.径向基函数介绍 径向基函数是无网格方法的一种，我们知道有限元计算中网格畸变会带来困难，相对与有限元，无网格方法不受网格的影响，取点具有随意性，能更准确地获得获得更加复杂系统的近似解，对于流体，以拉格朗日建立的光滑粒子动力学方法（SPH ）现阶段解决复杂的问题得到广泛的应用。 径向基函数是一类以点x 到xi 的距离di=||x-xi||为自变量的函数。它具有形式简单、空间维数无关、各向同性的优点，由于径向基函数有许多表达式，在这里采用吴宗敏（1995）提出的正定紧支径向基函数，其表达式为 ())5307282366(1)(54326 r r r r r r x I +++++-=+φ （1） ()???≤≤-=-+ 其他时当 010116 r r r mI I d d r =，mI d 是定义在节点I x 处的径向基函数的支撑域半径，I I x x d -=是以点x 到节点I x 的距离； 2.对于径向基函数的插值 设一个函数为 ()a x x u T )(φ= （2） []T N a a a a ,,,21 = （3） ()[]T N x x x x )(,,),()(21φφφφ = （4） 式（4）有N 个未知数，令近似函数u(x)在节点I x 处的值等于函数u(x)在该节点处的值I u ，即I I u x u =)(，可得到N 个线性方程组： u Aa = （5） 式中 ????????????=??????????????=)()()()()()() ()()()(....)()(21222121211121N N N N N N N T T T x x x x x x x x x x x x A φφφφφφφφφφφφ （6） []T N u u u u ,,,21 = （7） 这里u 一般是已知的；’ 由式（5）解出系数矩阵（3）式a ，代入式（2）中，得

svm核函数matlab

clear all; clc; N=35; %样本个数 NN1=4; %预测样本数 %********************随机选择初始训练样本及确定预测样本******************************* x=[]; y=[]; index=randperm(N); %随机排序N个序列 index=sort(index); gama=23.411; %正则化参数 deita=0.0698; %核参数值 %thita=; %核参数值 %*********构造感知机核函数************************************* %for i=1:N % x1=x(:,index(i)); % for j=1:N % x2=x(:,index(j)); % K(i,j)=tanh(deita*(x1'*x2)+thita); % end %end %*********构造径向基核函数************************************** for i=1:N x1=x(:,index(i)); for j=1:N x2=x(:,index(j)); x12=x1-x2; K(i,j)=exp(-(x12'*x12)/2/(deita*deita)); End End %*********构造多项式核函数**************************************** %for i=1:N % x1=x(:,index(i)); % for j=1:N % x2=x(:,index(j)); % K(i,j)=(1+x1'*x2)^(deita); % end %end %*********构造核矩阵************************************ for i=1:N-NN1 for j=1:N-NN1 omeiga1(i,j)=K(i,j); end end

Lagrange插值基函数构造插值多项式

数学与软件科学学院实验报告 学期：至第学期年月日 课程名称:___计算机数值方法___ 专业: 级班 实验编号：1 实验项目一次、二次Lagrange 插值多项式指导教师__张莉_ 姓名：学号：实验成绩： 一、实验目的及要求 实验目的：体会使用Lagrange插值基函数构造插值多项式的特点，熟悉使用一次或二次Lagrange插值多项式近似函数y=f(x)的算法。掌握Lagrange插值多项式近似函数f(x)的误差表达式，并会熟练应用。 实验要求： 1. 给出一次、二次Lagrange插值算法 2. 用C语言实现算法 3. 给出误差分析。 二、实验内容 用下列插值节点数据，构造一次和二次Lagrange插值多项式，并计 三、实验步骤(该部分不够填写.请填写附页) 步骤一：用为代码描述lagrange插值多项式的算法 Step 1:输入：插值节点控制数n，插值点序列（xi,yi）,i=0,1,…n,要计算的函数点x. Step 2: for j=0 to n { { for j=0 to n 对于给定的x,计算lagrange基函数li(x) 然后求tmp=tmp*（x-xj）/(xi-xj); } fx=fx+tmp*yi; } Step 3:输出结果。 步骤二：编辑程序如下：

#include #define MAX_N 3 // 定义点的最大维数 typedef struct tagPOINT /*the structer of point */ { double x; double y; }POINT; //点的结构 int main() { int n,i,j; POINT points[MAX_N+1]; double tmp=1.0; double x; double lagrange=0.0; clrscr(); printf("\nInput n value :"); /*the number of the points inserted*/ scanf("%d",&n); //输入被插值点的个数 if(n>MAX_N) { printf("The input n is larger than MAX_N,please redefine the MAX_N.\n"); return 1; } if(n<=0) { printf("Please input a number between 1 and %d.\n",MAX_N); } printf("Now input the (x_i,y_i),i=0,...%d:\n",n); for(i=0;i<=n;i++) scanf("%lf %lf",&points[i].x,&points[i].y); //输入被插值点 printf("Now input the x value:"); /*the value of x*/ scanf("%lf",&x); //输入待求的点的第一个分量 for(i=0;i<=n;i++) { for(j=0;j<=n && j!=i;j++) tmp*=(x-points[j].x)/(points[i].x-points[j].x); lagrange+=tmp*points[i].y; } //用lagrange来求多项式 printf("the results is %lf",lagrange);

Matlab工具箱中的BP与RBF函数

Matlab工具箱中的BP与RBF函数 Matlab神经网络工具箱中的函数非常丰富，给网络设置合适的属性，可以加快网络的学习速度，缩短网络的学习进程。限于篇幅，仅对本章所用到的函数进行介绍，其它的函数及其用法请读者参考联机文档和帮助。 1 BP与RBF网络创建函数 在Matlab工具箱中有如表1所示的创建网络的函数，作为示例，这里只介绍函数newff、newcf、newrb和newrbe。 表 1 神经网络创建函数 (1) newff函数 功能：创建一个前馈BP神经网络。 调用格式：net = newff(PR,[S1 S2...S Nl],{TF1 TF2...TF Nl},BTF,BLF,PF) 参数说明： ?PR - R个输入的最小、最大值构成的R×2矩阵； ?S i–S NI层网络第i层的神经元个数； ?TF i - 第i层的传递函数，可以是任意可导函数，默认为'tansig'，可

设置为logsig，purelin等； ?BTF -反向传播网络训练函数，默认为'trainlm'，可设置为trainbfg，trainrp，traingd等； ?BLF -反向传播权值、阈值学习函数，默认为'learngdm'； ?PF -功能函数，默认为'mse'； (2) newcf函数 功能：创建一个N层的层叠(cascade)BP网络 调用格式：net = newcf(Pr,[S1 S2...SNl],{TF1 TF2...TFNl},BTF,BLF,PF) 参数同函数newff。 (3) newrb函数 功能：创建一个径向基神经网络。径向基网络可以用来对一个函数进行逼近。newrb函数用来创建一个径向基网络，它可以是两参数网络，也可以是四参数网络。在网络的隐层添加神经元，直到网络满足指定的均方误差要求。 调用格式：net = newrb(P,T,GOAL,SPREAD) 参数说明： ?P：Q个输入向量构成的R×Q矩阵； ?T：Q个期望输出向量构成的S×Q矩阵； ?GOAL：均方误差要求，默认为0。 ?SPREAD：分散度参数，默认值为1。SPREAD越大，网络逼近的函数越平滑，但SPREAD取值过大将导致在逼近变化比较剧烈的函数时神经元过多，若SPREAD取值过小，则导致在逼近平滑函数时，

各种插值方法比较

空间插值可以有很多种分类方法，插值种类也难以举尽。在网上看到这篇文章，觉得虽然作者没能进行分类，但算法本身介绍地还是不错的。 在科学计算领域中，空间插值是一类常用的重要算法，很多相关软件都内置该算法，其中GodenSoftware 公司的Surfer软件具有很强的代表性，内置有比较全面的空间插值算法，主要包括： Inverse Distance to a Power（反距离加权插值法） Kriging（克里金插值法） Minimum Curvature（最小曲率） Modified Shepard's Method（改进谢别德法） Natural Neighbor（自然邻点插值法） Nearest Neighbor（最近邻点插值法） Polynomial Regression（多元回归法） Radial Basis Function（径向基函数法） Triangulation with Linear Interpolation（线性插值三角网法） Moving Average（移动平均法） Local Polynomial（局部多项式法） 下面简单说明不同算法的特点。 1、距离倒数乘方法 距离倒数乘方格网化方法是一个加权平均插值法，可以进行确切的或者圆滑的方式插值。方次参数控制着权系数如何随着离开一个格网结点距离的增加而下降。对于一个较大的方次，较近的数据点被给定一个较高的权重份额，对于一个较小的方次，权重比较均匀地分配给各数据点。计算一个格网结点时给予一个特定数据点的权值与指定方次的从结点到观测点的该结点被赋予距离倒数成比例。当计算一个格网结点时，配给的权重是一个分数，所有权重的总和等于1.0。当一个观测点与一个格网结点重合时，该观测点被给予一个实际为1.0 的权重，所有其它观测点被给予一个几乎为0.0 的权重。换言之，该结点被赋给与观测点一致的值。这就是一个准确插值。距离倒数法的特征之一是要在格网区域内产生围绕观测点位置的"牛眼"。用距离倒数格网化时可以指定一个圆滑参数。大于零的圆滑参数保证，对于一个特定的结点，没有哪个观测点被赋予全部的权值，即使观测点与该结点重合也是如此。圆滑参数通过修匀已被插值的格网来降低"牛眼"影响。 2、克里金法 克里金法是一种在许多领域都很有用的地质统计格网化方法。克里金法试图那样表示隐含在你的数据中的趋势，例如，高点会是沿一个脊连接，而不是被牛眼形等值线所孤立。克里金法中包含了几个因子：变化图模型，漂移类型和矿块效应。 3、最小曲率法 最小曲率法广泛用于地球科学。用最小曲率法生成的插值面类似于一个通过各个数据值的，具有最小弯曲量的长条形薄弹性片。最小曲率法，试图在尽可能严格地尊重数据的同时，生成尽可能圆滑的曲面。使用最小曲率法时要涉及到两个参数：最大残差参数和最大循环次数参数来控制最小曲率的收敛标准。 4、多元回归法 多元回归被用来确定你的数据的大规模的趋势和图案。你可以用几个选项来确定你需要的趋

五种插值法的对比研究---开题报告

五种插值法的对比研究 1. 选题依据 1.1 选题背景 插值法是一种古老的数学方法，插值法历史悠久。据考证，在公元六世纪时， 我国焯(zhuo) 已经把等距二次插值法应用于天文计算。十七世纪时，Newton 和 Gregory(格雷格里) 建立了等距节点上的一般插值公式，十八世纪时，Lagrange(拉格朗日) 给出了更一般的非等距节点插值公式。 而它的基本理论是在微积分产生以后逐渐完善的，它的实际应用也日益增多，特别是在计算机工程中。许多库函数的计算实际上归结于对逼近函数的计算。 1.2 研究的目的和意义 插值法是数值分析中最基本的方法之一。 在实际问题中碰到的函数是各种各样的，有的甚至给不出表达式，只提供了一些离散数据，例如，在查对数表时， 要查的数据在表中找不到，就先找出它相邻的数，再从旁边找出它的修正值， 按一定关系把相邻的数加以修正，从而找出要找的数，这种修正关系实际上就是一种插值。 在实际应用中选用不同类型的插值函数，逼近的效果也不同。在数值计算方法中，我们学习过五种基本的插值方法，即Lagrange 插值、Newton 插值、分段线性插值、分段三次Hermite 插值、样条插值函数。所以通过从这五种插值法的基本思想、特征、性质和具体实例入手，探讨五种插值法的优缺点和适用围，让学习者能够迅速而准确的解决实际问题，掌握插值法的应用。 2. 研究的方法 从具体实例入手并结合Matlab 在科学计算中的优势，通过实验对它们的精度和效率进行比较分析。 3. 论文结构 3.1 论文的总体结构 第一部分 导言 主要介绍选题的背景、目的及意义、研究现状、文献综述等。 第二部分 五种插值法的基本思想、性质及特点 在数值计算方法中，插值法是计算方法的基础，数值微分、数值积分和微分方程数值解都建立在此基础上。 插值问题的提法是：已知f(x)(可能未知或非常复杂函数)在彼此不同的n+1 个实点0x ,1x ,…n x 处的函数值是f(0x )，f(1x )，…,f(n x )，这时我们简单的说f(x)有n+1 个 离散数据对0n i i )}y ,{(x i .要估算f(x)在其它点x 处的函数值，最常见的一种办法就是插值， 即寻找一个相对简单的函数y(x)，使其满足下列插值条件：y(i x )=f(i x )，i=0,1,…,n.，并以y(x)作为f(x)的近似值.其中y(x)称为插值函数，f(x)称为被插函数。

函数的插值方法及matlab程序

6.1 插值问题及其误差 6.1.2 与插值有关的MATLAB 函数 (一) POLY2SYM函数 调用格式一：poly2sym (C) 调用格式二：f1=poly2sym(C,'V') 或f2=poly2sym(C, sym ('V') ), (二) POLYVAL函数 调用格式：Y = polyval(P,X) (三) POLY函数 调用格式：Y = poly (V) (四) CONV函数 调用格式：C =conv (A, B) 例 6.1.2求三个一次多项式、和的积.它们的零点分别依次为0.4,0.8,1.2. 解我们可以用两种MATLAB程序求之. 方法1如输入MATLAB程序 >> X1=[0.4,0.8,1.2]; l1=poly(X1), L1=poly2sym (l1) 运行后输出结果为 l1 = 1.0000 - 2.4000 1.7600 -0.3840 L1 = x^3-12/5*x^2+44/25*x-48/125 方法2如输入MATLAB程序 >> P1=poly(0.4);P2=poly(0.8);P3=poly(1.2); C =conv (conv (P1, P2), P3) , L1=poly2sym (C) 运行后输出的结果与方法1相同. (五) DECONV 函数 调用格式：[Q,R] =deconv (B,A) (六) roots(poly(1:n))命令 调用格式：roots(poly(1:n)) (七) det(a*eye(size (A)) - A)命令 调用格式：b=det(a*ey e(size (A)) - A) 6.2 拉格朗日（Lagrange）插值及其MATLAB程序 6.2.1 线性插值及其MATLAB程序 例 6.2.1 已知函数在上具有二阶连续导数，，且满足条件 .求线性插值多项式和函数值，并估计其误差. 解输入程序 >> X=[1,3];Y=[1,2]; l01= poly(X(2))/( X(1)- X(2)), l11= poly(X(1))/( X(2)- X(1)), l0=poly2sym (l01),l1=poly2sym (l11), P = l01* Y(1)+ l11* Y(2), L=poly2sym (P),x=1.5; Y = polyval(P,x) 运行后输出基函数l0和l1及其插值多项式的系数向量P（略）、插值多项式L和插值Y为l0 = l1 = L = Y = -1/2*x+3/2 1/2*x-1/2 1/2*x+1/2 1.2500 输入程序 >> M=5;R1=M*abs((x-X(1))* (x-X(2)))/2

核函数

SVM 小结 理论基础： 机器学习有三类基本的问题，即模式识别、函数逼近和概率密度估计． SVM 有着严格的理论基础，建立了一套较好的有限训练样本下机器学习的理论框架和通用方法。他与机器学习是密切相关的，很多理论甚至解决了机器学习领域的其他的问题，所以学习SVM 和机器学习是相辅相成的，两者可以互相促进，有助于机器学习理论本质的理解。 VC 维理论：对一个指示函数集，如果存在h 个样本能够被函数集中的函数按所有可能的2h 种形式分开，则称函数集能够把h 个样本打散；函数集的VC 维就是它能打散的最大样本数目。VC 维反映了函数集的学习能力，VC 维越太则学习机器越复杂(容量越太)。 期望风险：其公式为[](,,(,))(,)y R f c y f y dP y χχχχ?=?，其中(,,(,))c y f y χχ为损失函数，(,)P y χ为概率分布，期望风险的大小可以直观的理解为，当我们用()f χ进行预测时，“平均”的损失程度，或“平均”犯错误的程度。 经验风险最小化（ERM 准则）归纳原则：但是，只有样本却无法计算期望风险，因此，传统的学习方法用样本定义经验风险[]emp R f 作为对期望风险的估计，并设计学习算法使之最小化。即所谓的经验风险最小化（ERM 准则）归纳原则。经验风险是用损失函数来计算的。对于模式识别问题的损失函数来说，经验风险就是训练样本错误率；对于函数逼近问题的损失函数来说，就是平方训练误差；而对于概率密度估计问题的损失函数来说，ERM 准则就等价于最大似然法。但是，经验风险最小不一定意味着期望风险最小。其实，只有样本数目趋近于无穷大时，经验风险才有可能趋近于期望风险。但是很多问题中样本数目离无穷大很远，那么在有限样本下ERM 准则就不一定能使真实风险较小。ERM 准则不成功的一个例子就是神经网络和决策树的过学习问题（某些情况下，训练误差过小反而导致推广能力下降，或者说是训练误差过小导致了预测错误率的增加，即真实风险的增加）。 结构风险最小化理论(SRM)：所以，在有限样本情况下，仅仅用ERM 来近似期望风险是行不通的。统计学习理论给出了期望风险[]R f 与经验风险[]emp R f 之间关系： [][]()emp h R f R f l φ≤+

高斯(核)函数简介

高斯（核）函数简介 1函数的基本概念 所谓径向基函数(Radial Basis Function简称RBF),就是某种沿径向对称的标量函数。通常定义为空间中任一点x到某一中心xc之间欧氏距离的单调函数,可记作k(||x-xc||),其作用往往是局部的,即当x远离xc时函数取值很小。最常用的径向基函数是高斯核函数,形式为k(||x-xc||)=exp{-||x-xc||^2/(2*σ)^2)}其中xc为核函数中心,σ为函数的宽度参数,控制了函数的径向作用范围。 高斯函数具有五个重要的性质，这些性质使得它在早期图像处理中特别有用．这些性质表明，高斯平滑滤波器无论在空间域还是在频率域都是十分有效的低通滤波器，且在实际图像处理中得到了工程人员的有效使用．高斯函数具有五个十分重要的性质，它们是： （1）二维高斯函数具有旋转对称性，即滤波器在各个方向上的平滑程度是相同的．一般来说，一幅图像的边缘方向是事先不知道的，因此，在滤波前是无法确定一个方向上比另一方向上需要更多的平滑．旋转对称性意味着高斯平滑滤波器在后续边缘检测中不会偏向任一方向． （2）高斯函数是单值函数．这表明，高斯滤波器用像素邻域的加权均值来代替该点的像素值，而每一邻域像素点权值是随该点与中心点的距离单调增减的．这一性质是很重要的，因为边缘是一种图像局部特征，如果平滑运算对离算子中心很远的像素点仍然有很大作用，则平滑运算会使图像失真． （3）高斯函数的付立叶变换频谱是单瓣的．正如下面所示，这一性质是高斯函数付立叶变换等于高斯函数本身这一事实的直接推论．图像常被不希望的高频信号所污染(噪声和细纹理)．而所希望的图像特征（如边缘），既含有低频分量，又含有高频分量．高斯函数付立叶变换的单瓣意味着平滑图像不会被不需要的高频信号所污染，同时保留了大部分所需信号． （4）高斯滤波器宽度(决定着平滑程度)是由参数σ表征的，而且σ和平滑程度的关系是非常简单的．σ越大，高斯滤波器的频带就越宽，平滑程度就越好．通过调节平滑程度参数σ，可在图像特征过分模糊(过平滑)与平滑图像中由于噪声和细纹理所引起的过多的不希望突变量(欠平滑)之间取得折衷． （5）由于高斯函数的可分离性，大高斯滤波器可以得以有效地实现．二维高斯函数卷积可以分两步来进行，首先将图像与一维高斯函数进行卷积，然后将卷积结果与方向垂直的相同一维高斯函数卷积．因此，二维高斯滤波的计算量随滤波模板宽度成线性增长而不是成平方增长． 2函数的表达式和图形 在这里编辑公式很麻烦，所以这里就略去了。可以参看相关的书籍，仅给出matlab绘图的

核函数

生存？还是毁灭？——哈姆雷特 可分？还是不可分？——支持向量机 之前一直在讨论的线性分类器,器如其名（汗，这是什么说法啊），只能对线性可分的样本做处理。如果提供的样本线性不可分，结果很简单，线性分类器的求解程序会无限循环，永远也解不出来。这必然使得它的适用范围大大缩小，而它的很多优点我们实在不原意放弃，怎么办呢？是否有某种方法，让线性不可分的数据变得线性可分呢？ 有！其思想说来也简单，来用一个二维平面中的分类问题作例子，你一看就会明白。事先声明，下面这个例子是网络早就有的，我一时找不到原作者的正确信息，在此借用，并加进了我自己的解说而已。 例子是下面这张图： 我们把横轴上端点a和b之间红色部分里的所有点定为正类，两边的黑色部分里的点定为负类。试问能找到一个线性函数把两类正确分开么？不能，因为二维空间里的线性函数就是指直线，显然找不到符合条件的直线。 但我们可以找到一条曲线，例如下面这一条：

显然通过点在这条曲线的上方还是下方就可以判断点所属的类别（你在横轴上随便找一点，算算这一点的函数值，会发现负类的点函数值一定比0大，而正类的一定比0小）。这条曲线就是我们熟知的二次曲线，它的函数表达式可以写为： 问题只是它不是一个线性函数，但是，下面要注意看了，新建一个向量y和a： 这样g(x)就可以转化为f(y)=，你可以把y和a分别回带一下，看看等不等于原来的g(x)。用内积的形式写你可能看不太清楚，实际上f(y)的形式就是： g(x)=f(y)=ay 在任意维度的空间中，这种形式的函数都是一个线性函数（只不过其中的a和y都是多维向量罢了），因为自变量y的次数不大于1。 看出妙在哪了么？原来在二维空间中一个线性不可分的问题，映射到四维空间后，变成了线性可分的！因此这也形成了我们最初想解决线性不可分问题的基本思路——向高维空间转化，使其变得线性可分。

地质数据处理_插值方法

二维数据场的插值方法 1．二维数据场描述及处理目的 数据场数据 {(xi,yi,zi), i=1,…,n}, 即某特征在二维空间中的n个预测值列表： 处理目的 了解该数据场的空间分布情况 处理思路 网格化 绘制等值线图

网格化方法： 二维数据插值 2．空间内插方法 Surfer8.0中常用的插值方法 Gridding Methods Inverse Distance to a Power(距离倒数加权) Kriging（克立格法） Minimum Curvature（最小曲率法） Modified Shepard's Method（改进Shepard方法） Natural Neighbor（近邻法） Nearest Neighbor（最近邻法） Polynomial Regression（多项式回归法） Radial Basis Function（径向基函数法） Triangulation with Linear Interpolation（线性插值三角形法） Moving Average（移动平均法） Data Metrics（数据度量方法） Local Polynomial（局部多项式法）

Geostatistics Analyst Model in ArcGIS 9 2.1反距离加权插值 反距离加权插值（Inverse Distance Weighting ，简称IDW ），反距离加权法是最常用的空间内插方法之一。它的基本原理是：空间上离得越近的物体其性质越相似，反之亦然。这种方法并没有考虑到区域化变量的空间变异性，所以仅仅是一种纯几何加权法。反距离加权插值的一般公式为： ∑==n i i i i y x Z y x Z 1),(),(λ 其中，0Z(x )为未知点0x 处的预测值，i Z(x )为已知点i x 处的值，n 为样点的数量，λ为样点的权重值，其计算公式为： n p p i i0 i0i 1d /d λ--==∑ 式中i0d 为未知点与各已知点之间的距离，p 是距离的幂。样点在预测过程中受参数p 的影响，幂越高, 内插的平滑效果越佳。 尽管反距离权重插值法很简单，易于实现，但它不能对内插的结果作精度评价，所得结果可能会出现很大的偏差，人为难以控制。 2.2全局多项式插值（趋势分析法） 根据有限的样本数据拟合一个表面来进行内插，称之为全局多项式内插方法。一般多采用多项式来进行拟合，求各样本点到该多项式的垂直距离的和，通过最小二乘法来获得多项式的系数，这样所得的表面可使各样本点到表面之间距

高斯核函数

高斯核函数所谓径向基函数(Radial Basis Function 简称RBF), 就是某种沿径向对称的标量函数。通常定义为空间中任一点x到某一中心xc之间欧氏距离的单调函数, 可记作k(||x-xc||), 其作用往往是局部的, 即当x远离xc时函数取值很小。 最常用的径向基函数是高斯核函数,形式为k(||x-xc||)=exp{- ||x-xc||^2/(2*σ)^2) } 其中xc 为核函数中心,σ为函数的宽度参数, 控制了函数的径向作用范围。 计算机视觉中的作用 在计算机视觉中，有时也简称为高斯函数。高斯函数具有五个重要的性质，这些性质使得它在早期图像处理中特别有用．这些性质表明，高斯平滑滤波器无论在空间域还是在频率域都是十分有效的低通滤波器，且在实际图像处理中得到了工程人员的有效使用．高斯函数具有五个十分重要的性质，它们是：（1）二维高斯函数具有旋转对称性，即滤波器在各个方向上的平滑程度是相同的．一般来说，一幅图像的边缘方向是事先不知道的，因此，在滤波前是无法确定一个方向上比另一方向上需要更多的平滑．旋转对称性意味着高斯平滑滤波器在后续边缘检测中不会偏向任一方向．（2）高斯函数是单值函数．这表明，高斯滤波器用像素邻域的加权均值来代替该点的像素值，而每一邻域像素点权值是随该点与中心点的距离单调增减的．这一性质是很重要的，因为边缘是一种图像局部特征，如果平滑运算对离算子中心很远的像素点仍然有很大作用，则平滑运算会使图像失真．（3）高斯函数的付立叶变换频谱是单瓣的．正如下面所示，这一性质是高斯函数付立叶变换等于高斯函数本身这一事实的直接推论．图像常被不希望的高频信号所污染(噪声和细纹理)．而所希望的图像特征（如边缘），既含有低频分量，又含有高频分量．高斯函数付立叶变换的单瓣意味着平滑图像不会被不需要的高频信号所污染，同时保留了大部分所需信号．（4）高斯滤波器宽度(决定着平滑程度)是由参数σ表征的，而且σ和平滑程度的关系是非常简单的．σ越大，高斯滤波器的频带就越宽，平滑程度就越好．通过调节平滑程度参数σ，可在图像特征过分模糊(过平滑)与平滑图像中由于噪声和细纹理所引起的过多的不希望突变量(欠平滑)之间取得折衷．（5）由于高斯函数的可分离性，大高斯滤波器可以得以有效地实现．二维高斯函数卷积可以分两步来进行，首先将图像与一维高斯函数进行卷积，然后将卷积结果与方向垂直的相同一维高斯函数卷积．因此，二维高斯滤波的计算量随滤波模板宽度成线性增长而不是成平方增长．

基于径向基函数与B样条的散乱数据拟合方法

基于径向基函数与B 样条的散乱数据拟合方法 韩旭里，庄陈坚，刘新儒 中南大学数学科学与计算技术学院，湖南长沙 （410083） E-mail ：zcjzym258@https://www.sodocs.net/doc/c53033307.html, 摘 要：本文针对散乱数据的曲面拟合问题，提出了一种径向基函数与B 样条插值结合使用的曲面拟合方法.通过分片径向基函数插值，从三维散乱点获取有序网格点，利用张量积B 样条插值有序网格点，从而得到拟合曲面.该方法较好地解决了散乱数据插值和拟合的计算不稳定性问题.最后给出了算法实例. 关键词：曲面拟合； 高斯函数； 双三次B 样条插值； 径向基函数 1 引言 随着激光测距扫描等三维数据获取硬件技术的日趋完善，人们可以得到精度和密度都越来越高的物体表面三维数据，利用物体表面三维数据来建立真实物体数字模型也成为近年来国际图形学界的一种发展趋势，曲面重构作为这种建模方法的一个重要研究课题也得到了广泛的探讨和研究，成为国际上的研究热点之一.曲面重构可分为插值和逼近两种方法.曲面插值就是重构出来的目标曲面必须通过所有的采样点，包括型值点，边界及曲面内部法矢等信息；逼近曲面只是对采样点进行有权逼近，它不一定要求所有的采样点都落在目标曲面上，而只需要重构曲面满足用户的反求设计要求即可.本文笔者通过分析现有方法存在的困难，提出了一种基于径向基函数与B 样条结合使用的曲面拟合方法，较好地解决了散乱数据插值和拟合的计算不稳定性问题. 4][1][2][3][考虑用于多变量函数插值的径向基函数方法.给定函数R R →+:φ，对于数据{}R R f X d j j ?∈,，径向基函数插值法是要寻找如下形式的函数： ()(||||)j j f X a X X φ=?∑， 使其满足 ∑ （1） (||||).j k j k f a X X φ?=关于径向基函数，学者们已作了很多的工作，常用的径向基函数有： 10][7][8][9][(i) Kriging 方法的Gauss 分布函数： 22/)(σφr e r ?=(ii) Hardy 的Multi-Quadric 函数： ββφφ?+=+=) ()()()(2222r c r r c r ，(iii) Duchon 的薄板样条： 122)(ln )(+==k k r r r r r φφ，方程(1)对任何数据{}R R f X d j j ?∈,，当两两不同时都有解的充要条件是：对任 何两两不同的， 矩阵j X j X ||))(||(j k X X ?φ是非奇异的.正定函数是满足这种性质的函数.我们知道，Gauss 函数、逆Multi-Quadric 函数都是正定函数.对于数据量少的情况，径向基函数插值的结果较令人满意，而且计算也比较简单.但同时也存在一些问题，比如方程系数矩阵的条件数问题.径向基函数插值最终归结为求解一个线性方程组，在大数据时这是一个大规模矩阵的求逆问题.当数据较多时，得到的矩阵一般是数值不稳定的. 张量积B 样条插值也是实际中常用的插值方法.对于较均匀的矩形网格数据，其插值效

常见插值方法及其的介绍

常见插值方法及其介绍 Inverse Distance to a Power（反距离加权 插值法）”、 “Kriging（克里金插值法）”、 “Minimum Curvature（最小曲率)”、 “Modified Shepard's Method（改进别德法）”、 “Natural Neighbor（自然邻点插值法）”、 “Nearest Neighbor（最近邻点插值法）”、 “Polynomial Regression（多元回归法）”、 “Radial Basis Function（径向基函数法）”、 “Triangulation with Linear Interpolation（线性插值三角网法）”、 “Moving Average（移动平均法）”、 “Local Polynomial（局部多项式法）” 1、距离倒数乘方法 距离倒数乘方格网化方法是一个加权平均插值法，可以进行确切的或者圆滑的方式插值。方次参数 控制着权系数如何随着离开一个格网结点距离的增加而下降。对于一个较大的方次，较近的数据点被 给定一个较高的权重份额，对于一个较小的方次，权重比较均匀地分配给各数据点。 计算一个格网结点时给予一个特定数据点的权值与指定方次的从结点到观测点的该结点被赋予距 离倒数成比例。当计算一个格网结点时，配给的权重是一个分数，所有权重的总和等于1.0。当一个 观测点与一个格网结点重合时，该观测点被给予一个实际为 1.0 的权重，所有其它观测点

被给予一 个几乎为0.0 的权重。换言之，该结点被赋给与观测点一致的值。这就是一个准确插值。 距离倒数法的特征之一是要在格网区域产生围绕观测点位置的"牛眼"。用距离倒数格网化时可 以指定一个圆滑参数。大于零的圆滑参数保证，对于一个特定的结点，没有哪个观测点被赋予全部的 权值，即使观测点与该结点重合也是如此。圆滑参数通过修匀已被插值的格网来降低"牛眼"影响。 2、克里金法 克里金法是一种在许多领域都很有用的地质统计格网化方法。克里金法试图那样表示隐含在你的数 据中的趋势，例如，高点会是沿一个脊连接，而不是被牛眼形等值线所孤立。 克里金法中包含了几个因子：变化图模型，漂移类型和矿块效应。 3、最小曲率法 最小曲率法广泛用于地球科学。用最小曲率法生成的插值面类似于一个通过各个数据值的，具有最 小弯曲量的长条形薄弹性片。最小曲率法，试图在尽可能严格地尊重数据的同时，生成尽可能圆滑的 曲面。 使用最小曲率法时要涉及到两个参数：最大残差参数和最大循环次数参数来控制最小曲率的收敛 标准。 4、多元回归法 多元回归被用来确定你的数据的大规模的趋势和图案。你可以用几个选项来确定你需要的趋势面类 型。多元回归实际上不是插值器，因为它并不试图预测未知的Z 值。它实际上是一个趋势面分析作

径向基函数在动网格中的应用及可并行性研究

4 ·技术?/? TECHNOLOGY ·科研信息化技术与应用2012, 3(5): 4–12 径向基函数在动网格中的应用及可并行性研究 马文鹏，陆忠华，胡晓东 中国科学院计算机网络信息中心 超级计算中心，北京 100190摘 要： 关键词： Applications of Radial Basis Functions in Dynamic Mesh and Its Parallelizability Ma Wenpeng, Lu Zhonghua, Hu Xiaodong Supercomputing Center, Computer Network Information Center , Chinese Academy of Sciences , Beijing 100190, China Abstract: 径向基函数广泛应用于网格变形、气动外形优化设计、网格优化等领域。近年来，基于径向基函数的动网格技术得到了深入的研究和广泛的应用。本文结合计算流体力学和高性能计算的应用背景，从径向基函数对网格的变形质量和变形效率进行了总结和进一步研究：在网格变形方面，重点对比了不同基函数对同一网格运动变形能力和同一基函数对不同网格运动的适应能力；在网格变形效率方面，分析了算法在计算和存储的瓶颈所在，考虑了? OpenMP 和?GPU 这两种共享内存的加速方式，得到较好加速比。最后，分析了当网格规模增大时，动网格在分布式计算和存储模型?(MPI) 下的处理方法。 径向基函数；径向函数；动网格；网格变形；并行 Radial basis functions are widely used for mesh deformation, aerodynamic shape optimization, grid optimization, etc. Recently, dynamic mesh techniques based on radial basis functions are widely used and much more attention is paid to them. This paper summaries the quality and efficiency of mesh deformation with the applications of radial basis functions on both CFD (Computational Fluid Dynamics) and HPC (High Performance Computing). In addition, a further research is conducted on the following two aspects: the abilities to satisfy the same mesh motion among different radial basis functions and the abilities to satisfy different mesh motion using one radial basis function; computation and storage bottleneck are analyzed and then parallel solutions based on shared memory models including OpenMP and GPU are considered 基金项目：国家高技术研究发展计划 (863 计划) (2012AA01A304)；国家自然科学基金 (91130019)

BP算法及径向基函数网络

BP 算法及径向基函数网络 B0503194班 高翔 1050319110 杨柳青 1050319113 题目1： 2.5 利用BP 算法及Sigmoid 算法，研究以下各函数的逼近问题： （1） 1 () , 1x 100f x x = ≤≤ （2） 10()log x , 1x 10f x =≤≤ （3） ()exp() , 1x 10f x x =-≤≤ （4） ()sin , 1x 2 f x x π =≤≤ 解：该题可以采用BP 神经网络或者是径向基函数网络来解决，首先给出我们利用BP 网络的解决方法，关于如何利用径向基函数网络来解决问题，放在2.6 题中的通过径向基函数网络解决XOR 问题一起讨论。 一、 概述 人工神经网络作为一门20世纪中叶起步的新技术，随着其理论的逐步完善，其应用日益广泛，应用领域也在不断拓展，已经在各个工程领域里得到了广泛的应用。通常神经网络技术主要应用在以下方面。 模式信息处理和模式识别。 最优化问题计算。 信息的智能化处理。 复杂控制。 信号处理。 在1959年，当时的两位美国工程师B.Widrow 和M.Hoff 提出了自适应线形元件。在 1969年，人工智能的创始人之一M.Minsky 和S.Papert 指出单层感知器只能够进行线形分类，对线形不可分的输入模式，哪怕是简单的异或逻辑运算，单层感知器也无能为力，而解决其的唯一方法就是设计训练出具有隐含层的多层神经网络。这一难题在1986年得到了解决。 1986年，D.E. Rumelhart 等人提出解决多层神经网络权值修正的算法——误差反向传播法（Error Back-Propagation ）。这种算法也通常被应用在BP （Back-Propagation Network ）中。 在目前，在人工神经网络的实际应用中，绝大部分的神经网络模型（80%--90%）是采

核函数

核函数 (2010-12-23 23:08:30) 分类：工作篇 标签： 校园 高斯核函数 所谓径向基函数(Radial Basis Function 简称 RBF), 就是某种沿径向对称的标量函数。通常定义为空间中任一点x到某一中心xc之间欧氏距离的单调函数, 可记作 k(||x-xc||), 其作用往往是局部的 , 即当x远离xc时函数取值很小。 高斯核函数 - 常用公式 最常用的径向基函数是高斯核函数 ,形式为 k(||x-xc||)=exp{- ||x-xc||^2/(2*σ)^2) } 其中xc为核函数中心,σ为函数的宽度参数 , 控制了函数的径向作用范围。 核函数简介 （1）核函数发展历史 早在1964年Aizermann等在势函数方法的研究中就将该技术引入到机器学习领域，但是直到1992年Vapnik等利用该技术成功地将线性SVMs推广到非线性SVMs时其潜力才得以充分挖掘。而核函数的理论则更为古老，Mercer定理可以追溯到1909年，再生核希尔伯特空间(ReproducingKernel Hilbert Space, RKHS)研究是在20世纪40年代开始的。 （2）核函数方法原理 根据模式识别理论，低维空间线性不可分的模式通过非线性映射到高维特征空间则可能实现线性可分，但是如果直接采用这种技术在高维空间进行分类或回归，则存在确定非线性映射函数的形式和参数、特征空间维数等问题，而最大的障碍则是在高维特征空间运算时存在的“维数灾难”。采用核函数技术可以有效地解决这样问题。 设x,z∈X,X属于R（n）空间,非线性函数Φ实现输入间X到特征空间F的映射,其中F属于R（m）,n<(1) 其中：<, >为内积,K(x,z)为核函数。从式(1)可以看出，核函数将m维高维空间的内积运算转化为n维低维输入空间的核函数计算，从而巧妙地解决了在高维特征空间中计算的“维数灾难”等问题，从而为在高维特征空间解决复杂的分类或回归问题奠定了理论基础。 （3）核函数特点 核函数方法的广泛应用,与其特点是分不开的： 1）核函数的引入避免了“维数灾难”,大大减小了计算量。而输入空间的维数n对核函数矩阵无影响，因此，核函数方法可以有效处理高维输入。 2）无需知道非线性变换函数Φ的形式和参数.