基于重引力搜索算法的大规模网络无界DoS入侵检测
Large-scale network unbounded DoS intrusion detection based on gravity search algorithm
周憧 1金振 2胡琳 1顾仁龙 1钟善君1
作者信息
- 1. 中国移动通信集团浙江有限公司台州分公司,浙江 台州 318000
- 2. 中国移动通信集团浙江有限公司,浙江 杭州 310016
- 折叠
摘要
为保证大规模网络安全,并降低无界DoS入侵危害,提出基于重引力搜索算法的大规模网络无界DoS入侵检测方法.利用DWT(离散小波变换)提取网络流量特征,完成大规模网络流量数据的降维,将该特征作为输入数据,使用SVM(支持向量机)进行无界DoS入侵检测,以SVM训练时输出结果的均方根误差最小作为目标,使用重引力搜索算法寻优获取最优的SVM惩罚因子、不敏感系数以及核参数,并将结果返回SVM中更新参数,利用具备最佳参数的SVM完成无界DoS入侵检测.实验结果表明,该方法优化后的SVM检测误差率迅速降低,仅进行了60次迭代,优化后的SVM完成误差率的收敛.在15:00时后节点的平均吞吐量由200~300 bit/s迅速增长至2 000 bit/s左右.
Abstract
In order to ensure large-scale network security and reduce the harm of unbounded DoS intrusion,a large-scale network unbounded DoS intrusion detection method based on gravity search algorithm is proposed.DWT(Discrete Wavelet Transform)is used to extract network traffic features and complete dimensionality reduction of large-scale network traffic data.The features are used as input data,and SVM(Support Vector Machine)is used for unbounded DoS intrusion detection.The minimum root-mean-square error of the output results during SVM training is taken as the goal.The heavy gravity search algorithm is used to obtain the optimal penalty factor,insensitivity coefficient and kernel parameters of SVM,and the results are returned to SVM to update the parameters.The unbounded DoS intrusion detection is completed by using SVM with the best parameters.The experimental results show that the optimized SVM detection error rate decreases rapidly,and only 60 iterations are carried out,and the optimized SVM completes the convergence of the error rate.After 15:00,the average throughput of nodes increased rapidly from 200~300 bit/s to about 2 000 bit/s.
关键词
引力搜索算法/大规模网络/无界DoS/入侵检测/SVM/流量特征Key words
gravity search algorithm/large-scale networks/unbounded DoS/intrusion detection/SVM/flow characteristics引用本文复制引用
出版年
2025
NETL
NSTL
万方数据