摘要
为了降低现有的入侵检测模型在面对高维数据集时,往往会出现分类精度低,假阳性率高等问题,本文提出了一种结合卷积神经网络和C5.0分类算法的电力信息系统入侵检测模型。该模型首先用CNN的中间隐藏层学习并提取流量数据的特征,然后将提取出的特征输入到C5.0分类器中训练并分类。通过与KNN、SVM、NB以及J48这四种分类器在NSL-KDD和UNSW-NB15两种数据集上分别做多分类对比性实验,结果表明C5.0分类器在CNN特征的二分类和多分类任务中表现出了分类精度高、假阳性率低的最优性能,该模型具有一定的应用推广价值。
In order to reduce the problems of low classification accuracy and high false positive rate when the existing intrusion detection models face high-dimensional data sets,this paper proposes a power information system combining convolutional neural network and C5.0 classification algorithm intrusion detection model.The model first uses the intermediate hidden layer of CNN to learn and extract the features of the traffic data,and then input the extracted features into the C5.0 classifier for training and classification.Through the four classifiers of KNN,SVM,NB and J48,the NSL-KDD and UNSW-NB15 data sets were used for multi-class comparison experiments.The results show that the C5.0 classifier is in the two-class and multi-class CNN features.The classification task shows the optimal performance of high classification accuracy and low false positive rate.This model has certain application and promotion value.
作者
王扶文
肖建军
刘国亮
刘高鹤
WANG Fuwen;XIAO Jianjun;LIU Guoliang;LIU Gaohe(State Grid Gansu Electric Power Company Dingxi Power Supply Company,Dingxi 743000,Gansu,China)
出处
《电力大数据》
2022年第8期37-44,共8页
Power Systems and Big Data
关键词
入侵检测
深度学习
卷积神经网络
分类器
intrusion detection
deep learning
convolutional neural network
classifier
