摘要
针对现有入侵检测技术精度较低、特征提取能力不足的问题,构建了一种基于混合粒子群算法与多核最小二乘支持向量机的网络入侵检测模型。该模型首先针对单核最小二乘支持向量机存在的泛化能力弱、学习能力差的问题,结合多项式核函数和径向基函数的优点,构建多核最小二乘支持向量机;其次提出了一种用于入侵检测数据特征提取和多核最小二乘支持向量机参数优化的混合粒子群算法;最后将提取的特征作为参数优化后的多核最小二乘支持向量机的输入,实现对入侵检测数据集的分类识别。为了评估提出的模型的有效性,基于NSL-KDD、UNSW-NB15和CICIDS-2017数据集进行了实验,实验结果表明提出的模型的检测效果明显优于其他传统模型。
To address the problems of low precision and insufficient feature extraction capability of existing intrusion detection techniques, this paper constructs a network intrusion detection model(HPSO-MKLSSVM) based on HPSO and multi-kernel LSSVM. This model first aims at the weak generalization ability and poor learning ability of single-kernel LSSVM, and combines the advantages of polynomial kernel function and radial basis function to construct a multi-kernel LSSVM(MKLSSVM);then proposes a hybrid particle swarm optimization(HPSO) algorithm for feature extraction of intrusion detection data and parameter optimization of MKLSSVM;finally, it takes the extracted features as the input of the parameter optimized MKLSSVM to realize the classification and recognition of the intrusion detection dataset. In order to evaluate the effectiveness of HPSO-MKLSSVM, this paper conducts experiments based on NSL-KDD, UNSW-NB15 and CICIDS-2017 datasets. Experimental results indicate that the detection effect of the HPSO-MKLSSVM model is significantly better than other traditional models.
作者
王运兵
姬少培
查成超
WANG Yunbing;JI Shaopei;ZHA Chengchao(No.30 Institute of CETC,Chengdu Sichuan 610041,China)
出处
《信息安全与通信保密》
2022年第6期111-122,共12页
Information Security and Communications Privacy
基金
国家自然科学基金企业创新发展联合基金项目(No.U19B2021)。
关键词
网络入侵检测
入侵检测数据特征
参数优化
混合粒子群算法
检测效果
network intrusion detection
multi-kernel LSSVM
binary particle swarm algorithm
hybrid particle swarm optimization
effect of detection