| Intrusion detection technology is an important research topic in the field of computer security.For the defects of data imbalance and feature redundancy of the commonly used intrusion detection datasets,this thesis researches the common oversampling and feature select algorithms and proposes the improved measures for their shortcomings.On this basis,this thesis proposes an intrusion detection model based on the ensemble learning.The main work includes the following three aspects:(1)An improved MAHAKIL algorithm is proposed to address the dataset imbalance.The algorithm adds variation factor on the MAHAKIL algorithm,which makes the new samples more diverse,provides more information for the model during the training,and finally improves the detection performance of the model.The results on the NSL-KDD dataset suggest that oversampling the dataset by the improved MAHAKIL algorithm can effectively improve the overall accuracy of the model.(2)A two-stage filtered feature selection algorithm based on double index decision is proposed to reduce the dimension of datasets for the feature redundancy.Firstly,the algorithm calculates the score of each feature and ranks them based on the chisquare and Relief F algorithm,With that,some redundant features are removed according to the scores;Then trains the model many times with different feature number each time and determines the best feature number in terms of the training results? And use the m RMR algorithm for the second feature selection among the remaining features.Experimental results show that the accuracy of the model is improved,and the training time is on the feature subset outpour by the algorithm.(3)This thesis also proposes an intrusion detection model based on the ensemble learning.The model utilizes the optimum path forest as the base classifier and designs a filtering strategy based on the characteristics of the ensemble learning,the strategy uses clusters algorithm to cluster and analyze for multiple base classifiers,so that there is higher accuracy for the filtered individual base classifiers and higher independence between them.Finally,they are integrated in the Bagging manner.The experimental results on the NSL-KDD dataset show that the proposed algorithm has better performance compared with the commonly used intrusion detection models.With that,the proposed model is also tested on the NSL-KDD dataset after balancing and dimensionality reduction.Compared with the experimental results on the original dataset,the results on the processed dataset have higher accuracy and lower false positive rate.In summary,in this thesis,firstly,the NSL-KDD dataset is processed by oversampling and feature selection.Then an ensemble learning-based intrusion detection model is proposed.Finally,the simulation experimental results verify that the proposed model has improved in both accuracy and recall rate. |
PDF Full Text Request