基于云模型与决策树的入侵检测方法
|
摘要
针对入侵检测系统中传统决策树分类算法仅能处理离散化数据的情况,提出一种改进的入侵检测方法。通过云模型对数据集连续属性进行离散化,利用遗传算法引入加权选择概率函数,使得决策树分类算法能检测出DoS、R2L、U2R、PRB攻击。KDDCUP 99数据集上的实验结果表明,与基于贝叶斯、支持向量机与云模型离散化的检测方法相比,该方法具有更好的入侵检测与分类性能。
Aiming the problem that the traditional decision tree classification algorithm in intrusion detection system can only deal with discrete data,an improved intrusion detection method is proposed.The cloud model is used to discretize the continuous attribute of datasets and the genetic algorithm is used to introduce the weighted selection probability function so that the decision tree classification algorithm can detect the attack of DoS,R2 L,U2 R and PRB.Experimental result of the KDDCUP 99 dataset shows that this method has better intrusion detection and classification performance compared with detection method based on Bayes,Support Vector Machine(SVM) and cloud model discretization.
Aiming the problem that the traditional decision tree classification algorithm in intrusion detection system can only deal with discrete data,an improved intrusion detection method is proposed.The cloud model is used to discretize the continuous attribute of datasets and the genetic algorithm is used to introduce the weighted selection probability function so that the decision tree classification algorithm can detect the attack of DoS,R2 L,U2 R and PRB.Experimental result of the KDDCUP 99 dataset shows that this method has better intrusion detection and classification performance compared with detection method based on Bayes,Support Vector Machine(SVM) and cloud model discretization.
引文
[1] WANG P,CHAO K M,LIN H C,et al.An efficient flow control approach for SDN-based network threat detection and migration using support vector machine[C]//Proceedings of IEEE International Conference on E-business Engineering.Washington D.C.,USA:IEEE Press,2016:56-63.
[2] 秦昆,李德毅,许凯.基于云模型的图像分割方法研究[J].测绘信息与工程,2006,31(5):3-5.
[3] 宋运忠,范丽媛.基于云变换的混沌动力系统逼近性研究[J].河南理工大学学报(自然科学版),2015,34(5):659-664.
[4] LI J,MA S,LE T,et al.Causal decision trees[J].IEEE Transactions on Knowledge and Data Engineering,2017,29(2):257-271.
[5] CATALTEPE Z,EKMEKCI U,CATALTEPE T,et al.Online feature selected semi-supervised decision trees for network intrusion detection[C]//Proceedings of IEEE/IFIP Network Operations and Management Symposium.Washington D.C.,USA:IEEE Press,2016:1085-1088.
[6] XIANG C,YONG P C,MENG L S.Design of multiple-level hybrid classifier for intrusion detection system using Bayesian clustering and decision trees[J].Pattern Recognition Letters,2008,29(7):918-924.
[7] BARROS R C,BASGALUPP M P,DE CARVALHO A C P L F,et al.A survey of evolutionary algorithms for decision-tree induction[J].IEEE Transactions on Systems,Man,and Cybernetics,Part C,2012,42(3):291-312.
[8] SOLTANI H,SHAFIEI S.Adiabatic reactor network synthesis using coupled genetic algorithm with Quasi linear programming method[J].Chemical Engineering Science,2015,137:601-612.
[9] WANG J Q,PENG J J,ZHANG H Y,et al.An uncertain linguistic multi-criteria group decision-making method based on a cloud model[J].Group Decision and Negotiation,2015,24(1):171-192.
[10] BONDARENKO A,ALEKSEJEVA L,JUMUTC V,et al.Classification tree extraction from trained artificial neural networks[J].Procedia Computer Science,2017,104(C):556-563.
[11] ROSTAMI M,MORADI P.A clustering based genetic algorithm for feature selection[C]//Proceedings of the 6th Conference on Information and Knowledge Technology.Washington D.C.,USA:IEEE Press,2014:112-116.
[12] 袁琴琴,吕林涛.基于改进蚁群算法与遗传算法组合的网络入侵检测[J].重庆邮电大学学报(自然科学版),2017,29(1):84-89.
[13] 韩伟,马邕文,万金泉,等.基于云模型在废水处理pH控制中的仿真研究[J].计算机仿真,2015,32(5):432-440.
[14] SINGH R,KUMAR H,SINGLA R K.An intrusion detection system using network traffic profiling and online sequential extreme learning machine[J].Expert Systems with Applications,2015,42(22):8609-8624.
[15] 郝晓弘,张晓峰.入侵检测分类技术的比较研究[J].微型机与应用,2017,36(15):8-11,15.
[16] ABDELRAHMAN S M,ABRAHAM A.Intrusion detection using error correcting output code based ensemble[C]//Proceedings of the 14th International Conference on Hybrid Intelligent Systems.Washington D.C.,USA:IEEE Press,2014:181-186.
[2] 秦昆,李德毅,许凯.基于云模型的图像分割方法研究[J].测绘信息与工程,2006,31(5):3-5.
[3] 宋运忠,范丽媛.基于云变换的混沌动力系统逼近性研究[J].河南理工大学学报(自然科学版),2015,34(5):659-664.
[4] LI J,MA S,LE T,et al.Causal decision trees[J].IEEE Transactions on Knowledge and Data Engineering,2017,29(2):257-271.
[5] CATALTEPE Z,EKMEKCI U,CATALTEPE T,et al.Online feature selected semi-supervised decision trees for network intrusion detection[C]//Proceedings of IEEE/IFIP Network Operations and Management Symposium.Washington D.C.,USA:IEEE Press,2016:1085-1088.
[6] XIANG C,YONG P C,MENG L S.Design of multiple-level hybrid classifier for intrusion detection system using Bayesian clustering and decision trees[J].Pattern Recognition Letters,2008,29(7):918-924.
[7] BARROS R C,BASGALUPP M P,DE CARVALHO A C P L F,et al.A survey of evolutionary algorithms for decision-tree induction[J].IEEE Transactions on Systems,Man,and Cybernetics,Part C,2012,42(3):291-312.
[8] SOLTANI H,SHAFIEI S.Adiabatic reactor network synthesis using coupled genetic algorithm with Quasi linear programming method[J].Chemical Engineering Science,2015,137:601-612.
[9] WANG J Q,PENG J J,ZHANG H Y,et al.An uncertain linguistic multi-criteria group decision-making method based on a cloud model[J].Group Decision and Negotiation,2015,24(1):171-192.
[10] BONDARENKO A,ALEKSEJEVA L,JUMUTC V,et al.Classification tree extraction from trained artificial neural networks[J].Procedia Computer Science,2017,104(C):556-563.
[11] ROSTAMI M,MORADI P.A clustering based genetic algorithm for feature selection[C]//Proceedings of the 6th Conference on Information and Knowledge Technology.Washington D.C.,USA:IEEE Press,2014:112-116.
[12] 袁琴琴,吕林涛.基于改进蚁群算法与遗传算法组合的网络入侵检测[J].重庆邮电大学学报(自然科学版),2017,29(1):84-89.
[13] 韩伟,马邕文,万金泉,等.基于云模型在废水处理pH控制中的仿真研究[J].计算机仿真,2015,32(5):432-440.
[14] SINGH R,KUMAR H,SINGLA R K.An intrusion detection system using network traffic profiling and online sequential extreme learning machine[J].Expert Systems with Applications,2015,42(22):8609-8624.
[15] 郝晓弘,张晓峰.入侵检测分类技术的比较研究[J].微型机与应用,2017,36(15):8-11,15.
[16] ABDELRAHMAN S M,ABRAHAM A.Intrusion detection using error correcting output code based ensemble[C]//Proceedings of the 14th International Conference on Hybrid Intelligent Systems.Washington D.C.,USA:IEEE Press,2014:181-186.