Intrusion detection method and device

An intrusion detection and algorithm technology, applied in computer security devices, instruments, electrical and digital data processing, etc., can solve problems such as low accuracy and low detection efficiency, and achieve the effect of improving accuracy and computing speed.

Active Publication Date: 2015-04-01
南方电网互联网服务有限公司
View PDF1 Cites 23 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The embodiment of the present invention provides an intrusion detection method and device, aiming to solve the problem that the intrusion detection method ...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Intrusion detection method and device
  • Intrusion detection method and device
  • Intrusion detection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0044] figure 1 The implementation flow of the intrusion detection method provided by Embodiment 1 of the present invention is shown, and the details are as follows:

[0045] In step S101, data normalization processing is performed on the intrusion detection data set KDD CUP99 to obtain an n-dimensional high-dimensional vector group.

[0046] In the intrusion detection model, the selection of data set is the first step in the research and evaluation of intrusion detection algorithms, and the quality of the data set will directly determine the evaluation results of various intrusion detection algorithms.

[0047] The security audit data set KDD CUP99 organized by Columbia University IDS Laboratory, many papers and research results are based on this data set. The data set is divided into training set and detection set, which contains a large number of network connection records, each connection record contains 41-dimensional features, a total of 39 types of attack records, each...

Embodiment 2

[0088] image 3 A specific structural block diagram of the intrusion detection device provided by Embodiment 2 of the present invention is shown. For convenience of description, only parts related to the embodiment of the present invention are shown. The intrusion detection device 3 includes: a data specification unit 31 , a dimensionality reduction unit 32 , a cluster processing unit 33 , a cluster determination unit 34 and an abnormal data determination unit 35 .

[0089] Wherein, the data normalization unit 31 is used to perform data normalization processing on the intrusion detection data set KDD CUP99 to obtain an n-dimensional high-dimensional vector group;

[0090] A dimensionality reduction unit 32, configured to perform dimensionality reduction processing on the n-dimensional high-dimensional vector group to obtain an m-dimensional low-dimensional vector group, wherein m is less than n;

[0091] A clustering processing unit 33, configured to process the m-dimensional...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention is suitable for the technical field of intrusion detection and provides an intrusion detection method and device. The intrusion detection method includes subjecting an intrusion detection data set KDD CUP99 to data standardizing to obtain a high-dimension vector set with n dimensions; subjecting the high-dimension vector set to dimension reduction to obtain a low-dimension vector set with m dimensions, wherein m is smaller than n; utilizing a semi-supervised affinity propagation clustering algorithm to process the low-dimension vector set to obtain a clustering result; determining a normal cluster and at least one abnormal cluster in the clustering result according to data size in obtained clusters; acquiring data of the abnormal clusters, wherein the data are abnormal data obtained by intrusion detection. By the intrusion detection method, probability distribution of data class is enabled to be close to original distribution obtained by using all attributes as much as possible, calculating speed of the subsequent clustering algorithm is increased greatly, and abnormality detection accuracy of an intrusion detection model is improved.

Description

technical field [0001] The invention belongs to the technical field of intrusion detection, and in particular relates to an intrusion detection method and device. Background technique [0002] Intrusion Detection (Intrusion Detection, ID) research and development has a history of more than 20 years. This technology checks the information in the network or system by collecting and analyzing some information in the computer network or computer system without affecting the system performance. Whether there are signs of violations of security policies and attacks, and take corresponding countermeasures. [0003] At present, scholars at home and abroad have proposed a large number of intrusion detection algorithms, such as statistical methods, Bayesian reasoning methods, machine learning methods, neural networks, data mining, genetic algorithms, support vector machines and other methods. There are two main parameters for judging an intrusion detection system, namely the correct ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/55
CPCG06F21/554G06F2221/033
Inventor 张爽张涌宁立
Owner 南方电网互联网服务有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap