摘要
为了有效地检测网络攻击行为,提高网络安全水平,提出一种基于随机森林的网络异常流量检测方法。该方法能够从海量的数据流量中高效、准确地检测出异常流量,及时发现并阻断网络攻击行为。将随机森林算法与决策树、支持向量机等经典分类器从正确率、精确率、召回率、F1度量以及训练预测耗时等指标进行对比,随机森林算法都优于其他分类器,具有出极好的检测效果。
In order to effectively detect network attacks and improve the level of network security, a detection method of abnormal network traffic based on Random Forest is proposed. This method can efficiently and accurately detect abnormal traffic from massive data traffic, and discover and block network attacks in time. Comparing the Random Forest Algorithm with classic classifiers such as Decision Trees and Support Vector Machines in terms of Accuracy, Precision, Recall, F1 measurement, and Time-consuming training prediction, the Random Forest algorithm is superior to other classifiers and has an excellent detection effect.
作者
肖香梅
余建
林志兴
XIAO Xiang-mei;YU Jian;LIN Zhi-xing(Network Center(Information Construction Office),Sanming University,Sanming 365004,China)
出处
《三明学院学报》
2022年第3期84-91,共8页
Journal of Sanming University
基金
福建省教育厅中青年教师教育科研项目(JAT200638、B202029)
2020年三明市科技引导项目(2020-S-12)
福建省“十三五”发展规划课题(FJJKCG20-058)
2021年福建省电子商务工程中心课题(KBX2106)。
关键词
网络安全
随机森林
信息增益
异常流量检测
network security
random forest
information gain
abnormal traffic detection
