基于ICA算法和三支决策的入侵检测方法
INTRUSION DETECTION METHOD BASED ON ICA ALGORITHM AND THREE-WAY DECISIONS
王帅 1黄树成1
作者信息
- 1. 江苏科技大学计算机学院 江苏镇江 212003
- 折叠
摘要
网络入侵行为的多样化和智能化,以及网络数据具有特征维数高和非线性可分等特点,导致了网络数据特征提取不充分和模型分类准确率低等问题.为此,提出一种基于独立成分分析(ICA)算法和三支决策(TWD)的入侵检测算法.利用ICA算法将网络连接数据基于极大非高斯性进行特征提取,同时将数据从高维特征空间映射到低维特征空间,以此来消除冗余数据,并通过多次的特征提取来构造多粒度的特征空间.对网络行为进行三支决策.建立的模型在NSL-KDD、CIC-IDS2017数据集上的实验结果表明其具有更好的特征提取能力和更精确的分类能力.
Abstract
With the diversification and intelligence of network intrusion behaviors,network data has the characteristics of high feature dimensionality and non-linear separability,which leads to insufficient feature extraction and low model classification accuracy in network data.Therefore,an intrusion detection model based on independent component analysis(ICA)and three-way decisions(TWD)is proposed.The characteristics of network connection data were reduced by using ICA algorithm based on maximal non-Gauss property.The data was mapped from high dimensional feature space to low dimensional space to eliminate redundant data.And a multi-granular feature space was constructed through multiple feature extraction.Decisions were made on network behaviors based on three decision-making theories.Experiments were performed on NSL-KDD and CIC-IDS2017 data set.The results show that the proposed model has better feature extraction capability and more accurate classification ability.
关键词
ICA/三支决策/特征提取/入侵检测Key words
ICA/Three-way decisions/Feature extraction/Intrusion detection引用本文复制引用
出版年
2024
国家科技期刊平台
NSTL
万方数据