摘要
为了有效地检测网络的攻击行为,机器学习被广泛用于对不同类型的入侵检测进行分类,传统的决策树方法通常用单个模型训练数据,容易出现泛化误差大、过拟合的问题。为解决该问题,文中引入并行式集成学习的思想,提出基于随机森林的入侵检测模型,由于随机森林中每棵决策树都有决策权,因此可以很好地提高分类的准确性。利用NSL-KDD数据集对入侵检测模型进行训练和测试,实验结果表明,该模型的准确率可达99.91%,具有非常好的入侵检测分类效果。
In order to effectively detect the attack behavior of the network,the machine learning method are widely used to classify different types of network intrusion detection.The traditional decision tree methods usually use a single model to training data,which is prone to generalization errors and is prone to over-fitting.To solve this problem,this paper introduces the idea of parallel integrated learning,and proposes an intrusion detection model based on random fo-rest.Since each decision tree in the random fo-rest has decision-making power,it can improve the accuracy of classification very well.By using the NSL-KDD data set to train and test the intrusion detection model,the experimental results show that the accuracy rate can reach 99.91%,which shows that the model has a very good intrusion detection classification effect.
作者
曹扬晨
朱国胜
祁小云
邹洁
CAO Yang-chen;ZHU Guo-sheng;QI Xiao-yun;ZOU Jie(School of Computer and Information Engineering,Hubei University,Wuhan 430062,China;School of Chemistry and Chemical Engineering,Hubei University,Wuhan 430062,China)
出处
《计算机科学》
CSCD
北大核心
2021年第S01期459-463,共5页
Computer Science
基金
赛尔网络下一代互联网技术创新项目
基于Cloud VR和IPv6的特殊作业教育培训系统项目(NGII20180507)。
关键词
入侵检测
机器学习
随机森林
决策树
Intrusion detection
Machine learning
Random forest
Decision tree