基于随机森林算法的网络入侵检测系统分析

2017 18th IEEE/ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD) Pub Date : 2017-06-01 DOI:10.1109/SNPD.2017.8022711

Y. Y. Aung, M. Min

{"title":"基于随机森林算法的网络入侵检测系统分析","authors":"Y. Y. Aung, M. Min","doi":"10.1109/SNPD.2017.8022711","DOIUrl":null,"url":null,"abstract":"In the world today, the security of the computer system is of great importance, And in the last few years, there have seen an affected growth in the amount of intrusions that intrusion detection has become the dominant of current information security. Firewalls cannot provide complete protection. Applying on a firewall system alone is not enough to prevent a corporate network from all types of network attacks. Therefore more system should be complemented by intrusion detection system. Data mining skills can be used as an effective approach to detect intrusions in intrusion detection system. Data Mining and Knowledge Discovery is the computerized process of trenching and analysis of huge amounts of data, and then extract the meaning of the data. Data mining tools can assist to predict future behaviors and trends, so that organizations proactively, can make decisions based on knowledge. Data mining can answer organization questions that were too traditional time, to solve. Data mining takes its name from the valuable information in a large database. Recent studies display that cascading based approaches of several algorithms are much better performance than an individual algorithm. In this research, we use K-means and Random Forest algorithm to classify instances. This model was verified using KDD'99 data set. Experimental results show that hybrid methods can support suitable detection rates and lower model training time than using single algorithm.","PeriodicalId":186094,"journal":{"name":"2017 18th IEEE/ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD)","volume":"13 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"31","resultStr":"{\"title\":\"An analysis of random forest algorithm based network intrusion detection system\",\"authors\":\"Y. Y. Aung, M. Min\",\"doi\":\"10.1109/SNPD.2017.8022711\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In the world today, the security of the computer system is of great importance, And in the last few years, there have seen an affected growth in the amount of intrusions that intrusion detection has become the dominant of current information security. Firewalls cannot provide complete protection. Applying on a firewall system alone is not enough to prevent a corporate network from all types of network attacks. Therefore more system should be complemented by intrusion detection system. Data mining skills can be used as an effective approach to detect intrusions in intrusion detection system. Data Mining and Knowledge Discovery is the computerized process of trenching and analysis of huge amounts of data, and then extract the meaning of the data. Data mining tools can assist to predict future behaviors and trends, so that organizations proactively, can make decisions based on knowledge. Data mining can answer organization questions that were too traditional time, to solve. Data mining takes its name from the valuable information in a large database. Recent studies display that cascading based approaches of several algorithms are much better performance than an individual algorithm. In this research, we use K-means and Random Forest algorithm to classify instances. This model was verified using KDD'99 data set. Experimental results show that hybrid methods can support suitable detection rates and lower model training time than using single algorithm.\",\"PeriodicalId\":186094,\"journal\":{\"name\":\"2017 18th IEEE/ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD)\",\"volume\":\"13 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-06-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"31\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 18th IEEE/ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SNPD.2017.8022711\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 18th IEEE/ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SNPD.2017.8022711","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 31

摘要

在当今世界，计算机系统的安全是非常重要的，在过去的几年里，有一个受影响的入侵数量的增长，入侵检测已经成为当前信息安全的主导。防火墙不能提供完全的保护。仅在防火墙系统上应用防火墙不足以防止企业网络受到所有类型的网络攻击。因此，更多的系统应该辅以入侵检测系统。在入侵检测系统中，数据挖掘技术可以作为检测入侵的有效手段。数据挖掘和知识发现是对海量数据进行挖掘和分析，进而提取数据意义的计算机化过程。数据挖掘工具可以帮助预测未来的行为和趋势，以便组织能够主动地根据知识做出决策。数据挖掘可以回答那些在传统时代难以解决的组织问题。数据挖掘得名于对大型数据库中有价值信息的挖掘。近年来的研究表明，基于多个算法的级联方法比单个算法的性能要好得多。在本研究中，我们使用K-means和随机森林算法对实例进行分类。利用KDD'99数据集对该模型进行了验证。实验结果表明，与单一算法相比，混合算法具有较高的检测率和较短的模型训练时间。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

An analysis of random forest algorithm based network intrusion detection system

In the world today, the security of the computer system is of great importance, And in the last few years, there have seen an affected growth in the amount of intrusions that intrusion detection has become the dominant of current information security. Firewalls cannot provide complete protection. Applying on a firewall system alone is not enough to prevent a corporate network from all types of network attacks. Therefore more system should be complemented by intrusion detection system. Data mining skills can be used as an effective approach to detect intrusions in intrusion detection system. Data Mining and Knowledge Discovery is the computerized process of trenching and analysis of huge amounts of data, and then extract the meaning of the data. Data mining tools can assist to predict future behaviors and trends, so that organizations proactively, can make decisions based on knowledge. Data mining can answer organization questions that were too traditional time, to solve. Data mining takes its name from the valuable information in a large database. Recent studies display that cascading based approaches of several algorithms are much better performance than an individual algorithm. In this research, we use K-means and Random Forest algorithm to classify instances. This model was verified using KDD'99 data set. Experimental results show that hybrid methods can support suitable detection rates and lower model training time than using single algorithm.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2017 18th IEEE/ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD)

自引率

0.00%

发文量