An Intrusion Detection Approach Incorporating SMOTE-Tomek Link with Integrated Modeling
With the rapid expansion of the global Internet and the increasing complexity of network security threats,the development of ef-ficient and stable intrusion detection systems has become an important research task in the field of network security.The focus of this paper is to solve two common problems in intrusion detection data sets:one is the category imbalance caused by the difference in the number of normal and abnormal network behavior samples;The second is the high dimensional problem caused by too many redundant and invalid features in the data set.Therefore,according to ensemble learning,by combining the SOMTE-Tomek Link comprehensive sampling algorithm with three homogeneous models,an integrated weighted voting model for unbalanced data sets is proposed.The SOMTE-Tomek Link algorithm preprocesses the data,while the random forest ranking importance measure algorithm selects effective features,reducing error rates and computational demands.Comparative evaluations against multiple machine learning models demonstrate that the integrated model achieves a 97.84%accuracy rate,outperforming single models by 1~4 percentage points.Notably,it significantly improves accuracy,precision,recall,and F1 scores in classifying less-sample attacks,enhancing training efficiency and model stability.
国家科技期刊平台
NSTL
万方数据
