{"title":"基于层次自收敛PCA-OCSVM算法的入侵检测方法研究","authors":"Yanpeng Cui, Zichuan Jin, Jianwei Hu","doi":"10.6633/IJNS.202011_22(6).04","DOIUrl":null,"url":null,"abstract":"At present, traditional intrusion detection methods have some shortcomings, such as long detection time, low detection accuracy and poor classification effect. This paper will combine PCA and OCSVM algorithm to build a multi-level intrusion detection model, using attack feature analysis method to preprocess data, while data cleaning and data feature selection of training set. It highlights the characteristics of abnormal data and normal data, and weakens the influence of irrelevant features on training model. PCA algorithm is used to process data to improve detection rate and reduce noise. Different models are trained by different data features to detect four attack types, namely Probe, DDOS, R2L and U2R. The optimal dimension of PCA is automatically obtained by calculating the contribution rate M of feature, which improves the traditional method that requires frequent input of K value. The model is trained by using OCSVM algorithm based on RBF core, and the disadvantage of poor classification effect of OCSVM algorithm is eliminated through improved multi-layer detection mechanism. Finally, the KDDCUP99 data set is used for experimental verification. The results show that the proposed method has more advantages than the traditional detection method.","PeriodicalId":93303,"journal":{"name":"International journal of network security & its applications","volume":"26 1","pages":"916-924"},"PeriodicalIF":0.0000,"publicationDate":"2020-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Research on Intrusion Detection Method Based on Hierarchical Self-convergence PCA-OCSVM Algorithm\",\"authors\":\"Yanpeng Cui, Zichuan Jin, Jianwei Hu\",\"doi\":\"10.6633/IJNS.202011_22(6).04\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"At present, traditional intrusion detection methods have some shortcomings, such as long detection time, low detection accuracy and poor classification effect. This paper will combine PCA and OCSVM algorithm to build a multi-level intrusion detection model, using attack feature analysis method to preprocess data, while data cleaning and data feature selection of training set. It highlights the characteristics of abnormal data and normal data, and weakens the influence of irrelevant features on training model. PCA algorithm is used to process data to improve detection rate and reduce noise. Different models are trained by different data features to detect four attack types, namely Probe, DDOS, R2L and U2R. The optimal dimension of PCA is automatically obtained by calculating the contribution rate M of feature, which improves the traditional method that requires frequent input of K value. The model is trained by using OCSVM algorithm based on RBF core, and the disadvantage of poor classification effect of OCSVM algorithm is eliminated through improved multi-layer detection mechanism. Finally, the KDDCUP99 data set is used for experimental verification. The results show that the proposed method has more advantages than the traditional detection method.\",\"PeriodicalId\":93303,\"journal\":{\"name\":\"International journal of network security & its applications\",\"volume\":\"26 1\",\"pages\":\"916-924\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-11-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International journal of network security & its applications\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.6633/IJNS.202011_22(6).04\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International journal of network security & its applications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.6633/IJNS.202011_22(6).04","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Research on Intrusion Detection Method Based on Hierarchical Self-convergence PCA-OCSVM Algorithm
At present, traditional intrusion detection methods have some shortcomings, such as long detection time, low detection accuracy and poor classification effect. This paper will combine PCA and OCSVM algorithm to build a multi-level intrusion detection model, using attack feature analysis method to preprocess data, while data cleaning and data feature selection of training set. It highlights the characteristics of abnormal data and normal data, and weakens the influence of irrelevant features on training model. PCA algorithm is used to process data to improve detection rate and reduce noise. Different models are trained by different data features to detect four attack types, namely Probe, DDOS, R2L and U2R. The optimal dimension of PCA is automatically obtained by calculating the contribution rate M of feature, which improves the traditional method that requires frequent input of K value. The model is trained by using OCSVM algorithm based on RBF core, and the disadvantage of poor classification effect of OCSVM algorithm is eliminated through improved multi-layer detection mechanism. Finally, the KDDCUP99 data set is used for experimental verification. The results show that the proposed method has more advantages than the traditional detection method.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
