基于融合机器学习算法的网络入侵检测与定位技术  被引量：7

作　　者：刘欢[1,2] 肖蔚 赵长明 LIU Huan;XIAO Wei;ZHAO Changming(Xi’an Jiaotong University,Xi’an 710049,China;Shaanxi Police College,Xi’an 710021,China;Shaanxi Provincial Public Security Department,Xi’an 710018,China)

机构地区：[1]西安交通大学,陕西西安710049 [2]陕西警官职业学院,陕西西安710021 [3]陕西省公安厅,陕西西安710018

出　　处：《现代电子技术》2023年第12期182-186,共5页Modern Electronics Technique

基　　金：西安市科技计划理论软科学课题(2022JH-YBXM-0143)。

摘　　要：针对传统的网络入侵检测系统中存在的漏报、误报率较高的问题,文中提出一种基于融合机器学习算法的网络入侵检测与定位技术。该技术方案的核心算法由PCA、DCNN以及LightGBM组成,针对网络流量数据维度高的特点,使用PCA进行主动降维,并通过DCNN模型对降维后的数据加以训练。针对分类模型LightGBM存在边缘数据检测精度较低的问题,利用损失函数对其进行权重改进,从而提高算法的准确率和执行效率。实验与测试结果表明,所提方法的多项指标均优于基础算法LightGBM,可实现对网络入侵的有效检测与定位。与GAN、LSTM、SVM、RF以及CNN算法的横向对比实验结果表明,所提算法对5类数据的分类准确率分别为99.1%、98.5%、93.3%、88.9%和84.9%,均优于对比算法,验证了其综合性能的优越性。In allusion to the problem of high false positive rate and false positive rate in traditional network intrusion detection system,a network intrusion detection technology based on fused machine learning algorithm is proposed.The core algorithm of this technical scheme is composed of PCA,DCNN and LightGBM.Aiming at the characteristics of high dimensionality of network traffic data,PCA is used for active dimensionality reduction,and DCNN model is used to train the date after dimensionality reduction.Aiming at the problem that the classification model LightGBM has low edge data detection accuracy,the loss function is used to improve its weight,so as to improve the accuracy and execution efficiency of the algorithm.The experiment and testing results show that many indicators of the proposed algorithm are better than the basic algorithm LightGBM,which can achieve effective detection and location of network intrusion.In the horizontal comparison experiment with GAN,LSTM,SVM,RF and CNN algorithms,the classification accuracy of the proposed algorithm for five types of data are 99.1%,98.5%,93.3%,88.9%and 84.9%respectively,which is superior to the comparison algorithm,and verifies the superiority of its comprehensive performance.

关 键 词：网络入侵检测 机器学习算法 主成分分析法 深度卷积神经网络 LightGBM模型 数据降维 

分 类 号：TN915.08-34[电子电信—通信与信息系统] TP391[电子电信—信息与通信工程]