| Reinforcement learning is a mainstream machine learning technology,which is widely used in general artificial intelligence.At the same time,the rapid development of modern network,network attack events emerge in an endless stream,network attack means are various,bring great harm.Intrusion detection is an important technical realization of network information security,but faced with complex and varied network intrusion,there are many problems in detection research,such as low efficiency and low accuracy.Based on reinforcement learning theory,this paper carries out the research of network intrusion detection,and discusses some problems to promote the research of network intrusion detection.The main contents of this study are as follows:(1)The network intrusion detection model is compared and analyzed.In order to effectively detect possible intrusions,and take corresponding preventive measures to avoid serious damage to the network.This paper compares and analyzes the classical network intrusion detection models such as linear model,logistic regression model and Softmax regression model,and takes host-based intrusion detection and network-based intrusion detection as examples to conduct experimental analysis of the model effect.The results show that in the loss function performance comparison experiment,Softmax regression has carried out high performance enhancement experiment,and the recognition accuracy,false positive rate and false negative rate of the model are all in the reliable range.In the intrusion detection environment,both host-based detection and network-based detection can effectively measure the number of attacks,showing an increasing state.When detecting the number of optimizations,the outlier value increases with the increase of the number.(2)A network intrusion detection optimization model is proposed.In view of the problems existing in the previous structural models,this paper proposes a network intrusion detection model based on Markov decision process(SMDP)reinforcement learning,and constructs the detection model.In order to ensure the user reliability in intrusion detection,this paper proposes to use the user reliability index to control access and communication.The reliability calculation method is designed with network intrusion detection model.A value-based reinforcement learning algorithm(Q learning)is used to solve the network intrusion detection model,and Q value based on complete greed strategy is used to determine the maximum benefit of learning training.Aiming at the optimization model of network intrusion detection proposed in this paper,this paper designs the optimization model verification scheme.The data set adopts KDD99 data set,and the observation index adopts detection accuracy,detection misjudgment rate and detection missed judgment rate.The model training and testing results under six data sets,four detection models and three protocol data types were compared and analyzed respectively.The test results show that this model has certain capability of protocol data type independence,and the detection and recognition effect is good.(3)Completed the design of network intrusion detection system.Based on the network intrusion detection model proposed in this paper,the network intrusion detection system is designed,the network intrusion detection architecture is constructed,and the system function modules are designed,including the system data acquisition function,intrusion detection message engine function,real-time computing function,offline computing function,interface display function,etc.Flume,Flink and other technologies are used to realize the system.Flume technology realizes real-time monitoring and real-time data collection,Kafka technology forms message queue,HDFS realizes offline computing,Hive data warehouse technology realizes the statistical analysis of system logs and the interface display of visual system historical data.The network intrusion detection model in this paper is applied to Flink real-time computing and Hive offline computing for data intrusion detection. |
PDF Full Text Request