Machine Learning for Malicious Traffic Detection in Medical and Health Application Scenarios
Objective To realize the malicious traffic detection in medical and health application scenarios,the random forest and decision tree model in machine learning method were used.Methods CIC-ISD2017 sample set were used as the training and validation set for the model.A total of 1708979 pieces of data were pre-processed in Python for model training.The pre-processed sample set accounted for 80%of the training set(1367183 pieces)and 20%of the validation set(341795 pieces),and was trained by adjusting parameters of random forest and decision tree models on sklearn.Finally,500 network traffic captured in the built medical and health application scenarios were used as the test set to evaluate the model generalization ability.Results From the decision tree and random forest confusion matrix,the prediction accuracy of decision tree model for slow denial-of-service attacks and cross-site scripting attacks was 95%,especially when decision tree model predicted slow denial-of-service attacks,it was confused with cross-site scripting attacks.Random forest model predicted slow denial-of-service attacks with 99%accuracy,could correctly predict most slow denial-of-service attacks.The random forest model performs well in medical and health application scenarios.Conclusion The two models achieve ideal results for malicious traffic detection accuracy in medical and health application scenarios,but the accuracy of the traditional decision tree model is lower than that of the random forest model.The random forest model is more suitable for malicious traffic detection in medical and health scenarios,and can provide some reference for future network security research in medical and health application scenarios.
medical and health application scenariosmachine learningdecision treerandom forestnetwork security
国家科技期刊平台
NSTL
万方数据
维普
