入侵检测分类技术的比较研究

A comparative study of intrusion detection classification technology

入侵检测是网络安全研究的主要问题之一,有效的检测方法在开发入侵检测系统中发挥着至关重要的作用。通过对数据挖掘中的分类算法进行深入研究,选取四种常用的分类算法如决策树、贝叶斯、K最近邻法和神经网络来分别构建入侵检测系统,旨在找到最有效的分类算法。仿真实验在Weka环境下使用KDD CUP99数据集进行测试。实验表明,采用C4.5决策树构建的入侵检测系统具有良好的检测性能,是一种非常有效的网络入侵检测方法。

Intrusion detection is one of the main problems in network security research. Effective detection method plays an important role inthe development of intrusion detection system. In this paper,through the in-depth study of classification algorithms of data mining,four kinds ofcommonly used classification algorithms,such as decision tree, Bayesian,K nearest neighbor method and neural network,are selecstruct the intrusion detection system respectively, and the most effective classification algorithm is found. Simulation experiments are performed using the KDD CUP99 data set in the Weka environment. The results show that the intrusion detection system constructed by C4. 5 decision tree has a good detection performance and is a very effective metliod of networls intriasion detection.