摘要
为了进一步提高网络异常检测的准确率,本文在对现有入侵检测模型分析的基础上,提出了一种基于卷积神经网络和支持向量机的网络报文入侵检测方法.该方法首先将数据预处理成二维矩阵,为了防止算法模型过拟合,利用permutation函数将数据随机打乱,然后利用卷积神经网络CNN从预处理后的数据中学习有效特征,最后通过支持向量机SVM分类器将得到的向量进行分类处理.在数据集选择上,采用网络入侵检测常用的权威数据集—京都大学蜜罐系统数据集,通过与GRU-Softmax、GRU-SVM等现有检测率较高的模型进行实验对比,该模型在准确率上最高分别提高了19.39%和12.83%,进一步提升了网络异常检测的准确度.同时,本研究所提出方法在训练速度和测试速度上有较大提高.
In order to further improve the accuracy of network anomaly detection,based on the analysis of existing intrusion detection methods,this study proposes a network packets intrusion detection method based on Convolutional Neural Networks(CNN)and Support Vector Machine(SVM).The method first preprocesses the data into a two-axis matrix.In order to prevent the algorithm model from over-fitting,the permutation function is used to randomly shuffle the data,and then the CNN is used to learn the effective features from the pre-processed data.Finally,this method uses SVM classifier to classify the vectors.In the dataset selection,we use the authoritative dataset commonly used in network intrusion detection—Kyoto University honeypot system dataset.This method proposed in this study is compared with the existing models with high detection rates,such as GRU-Softmax and GRU-SVM.The model has improved the highest accuracy by 19.39%and 12.83%respectively,which further improves the accuracy of network anomaly detection.At the same time,the method has greatly improved the training speed and test speed.
作者
徐雪丽
段娟
肖创柏
张斌
XU Xue-Li;DUAN Juan;XIAO Chuang-Bai;ZHANG Bin(Faculty of Information Technology,Beijing University of Technology,Beijing 100124,China)
出处
《计算机系统应用》
2020年第6期39-46,共8页
Computer Systems & Applications
基金
国家自然科学基金(61501008)
北京市自然科学基金(4172002,4172012)
北京市科技计划(Z171100004717001)
北京市教委科技计划(KM201910005029)。
关键词
入侵检测
卷积神经网络
支持向量机
文本分类
深度学习
intrusion detection
Convolutional Neural Networks(CNN)
Support Vector Machine(SVM)
text classification
deep learning
