摘要
网络入侵行为的多样化和智能化,以及网络数据具有特征维数高和非线性可分等特点,导致了网络数据特征提取不充分和模型分类准确率低等问题。为此,提出一种基于独立成分分析(ICA)算法和三支决策(TWD)的入侵检测算法。利用ICA算法将网络连接数据基于极大非高斯性进行特征提取,同时将数据从高维特征空间映射到低维特征空间,以此来消除冗余数据,并通过多次的特征提取来构造多粒度的特征空间。对网络行为进行三支决策。建立的模型在NSL-KDD、CIC-IDS2017数据集上的实验结果表明其具有更好的特征提取能力和更精确的分类能力。
With the diversification and intelligence of network intrusion behaviors,network data has the characteristics of high feature dimensionality and non-linear separability,which leads to insufficient feature extraction and low model classification accuracy in network data.Therefore,an intrusion detection model based on independent component analysis(ICA)and three-way decisions(TWD)is proposed.The characteristics of network connection data were reduced by using ICA algorithm based on maximal non-Gauss property.The data was mapped from high dimensional feature space to low dimensional space to eliminate redundant data.And a multi-granular feature space was constructed through multiple feature extraction.Decisions were made on network behaviors based on three decision-making theories.Experiments were performed on NSL-KDD and CIC-IDS2017 data set.The results show that the proposed model has better feature extraction capability and more accurate classification ability.
作者
王帅
黄树成
Wang Shuai;Huang Shucheng(School of Computer,Jiangsu University of Science and Technology,Zhenjiang 212003,Jiangsu,China)
出处
《计算机应用与软件》
北大核心
2024年第7期288-295,共8页
Computer Applications and Software
基金
国家自然科学基金项目(61772244)。
关键词
ICA
三支决策
特征提取
入侵检测
ICA Three-way decisions
Feature extraction
Intrusion detection
