Optimal data selection based on improved genetic algorithm for suspected network intrusion
熊云龙
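Abstract:
Suspected intrusion data in a target network contains a large number of high-dimensional and redundant features, while existing intrusion detection methods select features only qualitatively, which leads to a low intrusion detection rate, a high false alarm rate and poor real-time performance. To address this, a method for selecting optimal suspected network intrusion data based on an improved genetic algorithm is proposed. A semi-supervised learning algorithm automatically labels the normalized data to obtain a larger set of suspected network intrusion data, which serves as the training dataset for the intrusion detection model. A resampling algorithm randomly selects a training data subset from the training dataset; the information gain ratio of the suspected intrusion data features in that subset is computed, and the features with the largest information gain ratio are selected to construct an effective suspected intrusion data feature set. A partial F-test is used to select features further and build the suspected intrusion data feature set to be optimized, and the improved genetic algorithm performs optimized selection on that feature set to pick out the dataset that best reflects the intrusion state. Experimental results show that the proposed method effectively improves detection efficiency while ensuring the intrusion detection rate and keeping the false alarm rate as low as possible.
Keywords: genetic algorithm; suspected network intrusion; resampling; intrusion detection; dataset; optimized selection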
Author: 熊云龙
DOI: 10.16652/j.issn.1004-373x.2018.22.040