| With the rapid development of computer technology and its application in railway signal system,the system becomes increasingly intelligent.However,its own vulnerability also provides a chance for malicious attackers to intrude into the railway signal system,which may cause serious consequences and immeasurable economic loss.Therefore,intrusion detection technology is urgently needed for the signal system.The goal of this paper was to improve the detection rate of intrusion detection system,due to the high dimension of the data and the classification nature of intrusion detection,feature dimension reduction methods and intrusion classification algorithms was studied and an ensemble intrusion detection model was designed.The main contents of this paper include the following aspects:(1)To reduce the detection algorithm complexity,which caused by the high dimensional feature of data sample set,a two-stage feature dimension reduction method based on information gain and principal component analysis was designed.In the first stage,each feature was ranked depending on its importance for classification using the information gain(IG)method,and the K nearest neighbor algorithm was adopted as the evaluation function to select the optimal feature subset,thus the feature of less importance were ignored.In the second stage,the principal component analysis(PCA)method was applied to reduce the dimension of the feature subset again,which eliminating the correlation between features.The new feature was used in the following detection.(2)In order to prevent traditional BP neural network from falling into local optimal value,which impacting accuracy of classification,the Particle Swarm Optimization(PSO)algorithm was used to optimize the initial weights and thresholds of the BP neural network.When using the C4.5 algorithm to establish the classification,In order to avoid over-fitting and improve the classification accuracy of unknown data,the pessimistic error pruning algorithm were used to prune the generated decision tree.Two intrusion detection model were built based on PSO-BPNN and C4.5.The experiment on the KDD CUP99 dataset showed that compared with the classical BP neural network,the PSO-BP neural network model proposed in this paper could effectively improve the classification accuracy.(3)To further improve the detection accuracy rate of intrusion detection system and reduce the false negative rate,an ensemble intrusion detection model was designed,which combining the advantages of different classifiers.First,IG-PCA feature reduction method was used to preprocess the dataset,Then the classifiers established by PSO-BPNN,C4.5 and KNN were used as the base classifier to recognize the data types respectively,finally the weighted voting method was introduced to make the final decision.The ensemble intrusion detector was applied to the data collected from the Radio Block Center test platform of high speed rail control system.The experimental results showed that the model could effectively detect the intrusion behavior in the railway signaling system. |
PDF Full Text Request