Intrusion Detection Method Based on Principal Component Analysis and Convolution Neural Network
LI Zhaofeng
(School of Mechanical and Electrical Engineering, Guangzhou University, Guangzhou 510006, China)
Abstract: Traditional machine learning methods cannot effectively handle the massive, high-dimensional and redundant data that arises in network intrusion, so an intrusion detection algorithm based on principal component analysis (PCA) and a convolutional neural network (CNN) is proposed. First, PCA reduces the dimensionality of the extracted high-dimensional raw intrusion data and eliminates redundant information, which reduces the dimension of the input data; the designed convolutional neural network then classifies the data as normal or abnormal. Experimental results on the KDD 99 dataset show that, compared with CNN and other machine learning methods, the proposed PCA-CNN model effectively improves detection accuracy and reduces the false alarm rate.
Keywords: intrusion detection; deep learning; principal component analysis; convolutional neural network
CLC number: TP309 Document code: A Article ID: 2096-4706(2019)10-0148-04
About the author: LI Zhaofeng (1994-), male, Han ethnicity, from Jiangxi, master's degree; research interest: information security.