Method for carrying out classification detection on network attack behaviors through utilization of machine learning technology

A network attack and machine learning technology, applied in the field of information security, can solve problems such as active monitoring and complexity

Inactive Publication Date: 2018-09-14
BEIJING INSTITUTE OF TECHNOLOGYGY
View PDF3 Cites 29 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

When the number of monitoring nodes increases, the active monitoring of the network becomes more compl

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for carrying out classification detection on network attack behaviors through utilization of machine learning technology
  • Method for carrying out classification detection on network attack behaviors through utilization of machine learning technology
  • Method for carrying out classification detection on network attack behaviors through utilization of machine learning technology

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0071] The technical solutions of the present invention will be further described below in conjunction with the accompanying drawings and specific embodiments.

[0072] Using a method of classifying and detecting network attack behaviors proposed by the present invention to classify network data, the operation process is as follows figure 1 As shown, the specific steps are:

[0073] Step 1. Collect network data and perform preprocessing to obtain training data.

[0074] The KDD CUP99 data is obtained, and 10% sampling is performed on the KDD CUP99 data set as the network data of this embodiment.

[0075] The training data is divided into normal (Normal) data and attack data; the attack data is further divided into 4 categories according to different attack types. The number of each type of training data is not less than 3000. The attack types are: Denial of Service (DOS), Monitoring or Probing (Probing), Remote Unauthorized Access (R2L) and Unauthorized Elevation of User Ri...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a method for carrying out classification detection on network attack behaviors through utilization of a machine learning technology and belongs to the technical field of information. The method comprises the steps of 1, collecting network data and carrying out preprocessing to obtain training data; 2, establishing and training a multilevel classifier; and carrying out classification detection on test data through utilization of the trained multilevel classifier. Compared with the prior art, the method provided by the invention has the advantages that 1, through utilization of a preprocessing method for the collection data, the data scale can be reduced, moreover, partial unrelated data is removed, and the integrated efficiency is improved; 2, through utilization ofthe multilevel classifier and an integrated learning thought, the problem that a single classifier is low in fitting precision is solved, and the detection precision of the system is greatly improved; and 3, through design of a data blocking method based on an improved random forest algorithm, different types of attach behavior detection can be realized as parallel algorithms, so the integrated detection speed of the system is improved.

Description

technical field [0001] The invention relates to a method for classifying and detecting network attack behaviors by using machine learning technology, which belongs to the technical field of information security. Background technique [0002] While the development of network and computer technology brings convenience to people's life, the security problem of network system also brings new troubles. Due to the exponential growth in the number and types of cyber attacks, networks and information systems are facing serious security threats. In this context, it is of great theoretical and practical value to study network security protection methods. [0003] In order to protect the security of the network system, identify and prevent the attack behavior inside and outside the system and the user's unauthorized behavior, researchers have proposed the active monitoring technology of the network system. This technology actively generates load to the monitored network through the m...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06G06K9/62
CPCH04L63/14H04L63/1408G06F18/2411
Inventor 吕坤郑宇坤
Owner BEIJING INSTITUTE OF TECHNOLOGYGY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap