A network attack type recognition method based on multi-layer detection

A network attack and type recognition technology, applied in the field of information security, can solve the problems of low accuracy and recall rate of network attack classification algorithms, unbalanced data sets, etc.

Active Publication Date: 2019-02-01
BEIJING INSTITUTE OF TECHNOLOGYGY
View PDF5 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The purpose of the present invention is to solve the problem of unbalanced network attack detection data set and low accuracy and...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A network attack type recognition method based on multi-layer detection
  • A network attack type recognition method based on multi-layer detection
  • A network attack type recognition method based on multi-layer detection

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0123] According to the above technical solutions, the present invention will be described in detail below in conjunction with the accompanying drawings and implementation examples.

[0124] Using a network attack type identification method based on multi-layer detection proposed by the present invention, its operation flow is as follows figure 1 As shown, the specific operation steps are as follows.

[0125] Step 1. Obtain the original training data and perform preprocessing.

[0126] Step 1.1: Obtain network attack data to form the original training data set. This experiment uses the KDD99 data set. The data distribution in the original training data set is shown in Table 1, including Normal (normal), DoS (denial of service), PROBE (detection and scanning), U2L (illegal acquisition of super user privileges), R2L ( Unauthorized remote host access), five types of data. The distribution of subtypes of DoS data is shown in Table 2. Each piece of normal data or attack data co...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a network attack type identification method based on multi-layer detection, belonging to the technical field of information security. The specific operation steps are as follows: Step 1, acquiring the original training data and preprocessing. 2, construct an integrated classification model. 3, train that ensemble classification model. 4, preprocess that test data. 5, classify that test data. Compared with the existing technology, the network attack type identification method based on multi-layer detection proposed in this patent has the following advantages: (1) adopting smart algorithm to upsample a small number of samples and downsample a large number of samples, so as to solve the problem of imbalance of data set samples. (2) Using the integrated model, the precision and recall rate of the detection are improved. (3) The Drosophila optimization algorithm FOA is combined with support vector machine SVM to realize the optimal and adaptive selection of parameters C and gamma in SVM.

Description

technical field [0001] The invention relates to a network attack type identification method based on multi-layer detection, which belongs to the technical field of information security. Background technique [0002] In cyberspace, the number and scale of network attacks have increased dramatically in recent years. The main types of network attacks include denial of service (Denial of Service, DoS), unauthorized remote host access (Remote-to-Login, R2L) , Unauthorized acquisition of super user access (User-to-Root, U2R), monitoring and detection (Probing), etc., each of the above-mentioned types of attacks includes multiple sub-attack types. To effectively detect these network attacks and deploy an efficient intrusion detection system has become an urgent task. [0003] At present, the commonly used network attack detection methods are: ① Rule-based detection method, the disadvantage is that it is difficult to detect new intrusions, and editing these rules is very time-consu...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06K9/62H04L29/06
CPCH04L63/1416G06F18/214G06F18/2411G06F18/24147
Inventor 胡昌振吕坤孙冲
Owner BEIJING INSTITUTE OF TECHNOLOGYGY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap