摘要
提出了一种基于机器学习的网络入侵检测系统来防止恶意的在线攻击。该系统是一种多阶段优化框架,研究了过采样技术对模型训练样本数量的影响,比较了基于信息增益和基于相关性的两种特征选择技术,探讨其对检测性能和时间复杂度的影响;探索了不同的超参数优化技术来进一步提高网络入侵检测系统的性能。在CICIDS 2017和UNSW-NB 2015入侵检测数据集上的实验结果表明,该模型能显著降低所需的样本数量和特征集量,并在两个数据集上的检测准确率均超过99%。在保持检测性能的同时降低了计算复杂度。
This study proposes a network intrusion detection system based on machine learning to prevent malicious online attacks.The system is a multi-stage optimization framework which not only studies the influence of oversampling technology on the number of training samples,but also compares two feature selection technologies based on information gain and correlation separately,and discusses their influence on detection performance and time complexity.In addition,this study also explores different maximum likelihood hyper-parameter optimization techniques to further improve the performance of network intrusion detection system.The experiment results on CICIDS 2017 and UNSW-NB 2015 intrusion detection datasets show that the model can significantly reduce the number of samples and the number of feature sets,and the detection accuracy on both datasets is higher than 99%.It reduces the computational complexity while maintaining the detection performance.
作者
胡声秋
李友国
高渊
吴玲丽
HU Sheng-qiu;LI You-guo;GAO Yuan;WU Ling-li(China Mobile Chongqing Co.,Ltd.,Chongqing 401121,China)
出处
《信息技术》
2023年第9期125-131,共7页
Information Technology
关键词
网络安全
网络入侵检测
过采样技术
特征选择
超参数优化
network security
network intrusion detection
oversampling technique
feature selection
hyper-parameter optimization
