Network real-time intrusion detection method based on fast gradient boosting tree model

A gradient boosting tree and intrusion detection technology, applied in the field of network security. It addresses the difficulty of meeting real-time requirements, the difficulty of coping with network intrusions, and high false alarm rates. It achieves good time efficiency, improves detection performance, and reduces false positives.

Active Publication Date: 2020-07-28
SOUTH CHINA UNIV OF TECH

AI Technical Summary

Problems solved by technology

[0002] Common network security protection technologies include firewalls, data encryption, authentication and digital signatures. These static, passive defensive tools offer a single service mode and struggle to cope with today's complex and changeable network intrusions.
[0003] Network traffic is an important data source for intrusion detection. Common network intrusion detection methods can be divided into misuse-based network intrusion detection and anomaly-based network intrusion detection according to the principle. However, the training data obt

Examples


Embodiment

[0043] As shown in Figure 1, this embodiment provides a real-time network intrusion detection method based on a fast gradient boosting tree model, comprising the following steps:

[0044] S1. In the model building stage, use the training data to train the fast gradient boosting tree classification model;

[0045] As shown in Figure 2, the specific steps for building a classification model based on fast gradient boosting trees include:

[0046] The original data is sampled with GOSS (Gradient-based One-Side Sampling) to reduce the amount of data, while mutually exclusive sparse features are bundled with EFB (Exclusive Feature Bundling) to reduce the feature dimension; the resulting data is used as the training data;
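The GOSS step in [0046], written out as an added example (not code from the patent): GOSS keeps the instances with the largest gradient magnitude, draws a random subset of the rest, and up-weights that subset by (1 - a) / b. The rates a and b, the seeds and the constructed gradients below are assumptions chosen to show why this sampling preserves the rare intrusion class in unbalanced training data.

```python
import random

def goss_sample(grads, a=0.2, b=0.1, seed=0):
    """GOSS: keep the top a*n instances by |gradient|, draw b*n of the rest
    at random, and up-weight those draws by (1 - a) / b."""
    n = len(grads)
    order = sorted(range(n), key=lambda i: abs(grads[i]), reverse=True)
    top_n, rand_n = round(a * n), round(b * n)
    top, rest = order[:top_n], order[top_n:]
    drawn = random.Random(seed).sample(rest, min(rand_n, len(rest)))
    weights = {i: 1.0 for i in top}
    weights.update({i: (1.0 - a) / b for i in drawn})
    return weights  # index -> weight used when computing split gains

def constructed_gradients(n=1000, n_attack=20, seed=7):
    """Constructed data: log-loss gradients (p - y) early in training on an
    unbalanced capture where only n_attack of n flows are intrusions."""
    rng = random.Random(seed)
    labels = [1] * n_attack + [0] * (n - n_attack)
    rng.shuffle(labels)
    grads = []
    for y in labels:
        # The model is still poor on the rare class, so its gradients are large.
        p = rng.uniform(0.05, 0.40) if y else rng.uniform(0.01, 0.10)
        grads.append(p - y)
    return labels, grads

def demo():
    labels, grads = constructed_gradients()
    w = goss_sample(grads)
    # Baseline: a uniform random sample of the same size.
    uniform = random.Random(1).sample(range(len(grads)), len(w))
    return {
        "kept": len(w),
        "attacks_total": sum(labels),
        "attacks_kept_goss": sum(labels[i] for i in w),
        "attacks_kept_uniform": sum(labels[i] for i in uniform),
        "weight_sum": sum(w.values()),
        "grad_sum_full": sum(grads),
        "grad_sum_goss": sum(grads[i] * w[i] for i in w),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The weights sum back to the original instance count, so split-gain statistics computed on the sample stay on the same scale as the full data.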

[0047] The training data set comes from the network environment in which the intrusion detection system is deployed, and is expressed as a set of feature vectors:

[0048]

[0049] Among them, N represents the number of feature vectors, x i is th...


Abstract

The invention discloses a network real-time intrusion detection method based on a fast gradient boosting tree model. The method comprises the following steps: training a fast gradient boosting tree classification model using training data; capturing network traffic data in continuous time windows, where the original traffic data captured in each time window is used as a data block; performing statistical analysis on the data blocks to generate a plurality of feature vectors; classifying the feature vectors with the fast gradient boosting tree classification model to distinguish normal behavior from network intrusion behavior; and, if the behavior is judged to be a network intrusion, outputting a network intrusion alarm signal. The method addresses the category bias problem in classification performance and reduces the false alarm rate, while the model building stage and the decision stage both meet the real-time requirement.
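The decision stage described in the abstract, sketched as an added example (not code from the patent): packets are grouped into consecutive time windows, each window becomes a data block, and per-source statistics form the feature vectors passed to the classifier. The window length, the feature set, the packet records and `stand_in_classifier` are all assumptions; the page does not list the patent's features, and the trained boosted-tree model would take the classifier's place.

```python
from collections import defaultdict

WINDOW = 5.0  # seconds per data block (assumed value; the page gives none)

# Constructed packet records: (timestamp, src, dst, dst_port, size, is_syn)
PACKETS = [
    (0.2, "10.0.0.5", "10.0.0.9", 443, 620, False),
    (1.1, "10.0.0.5", "10.0.0.9", 443, 1400, False),
    (3.7, "10.0.0.6", "10.0.0.9", 53, 80, False),
    (5.3, "10.0.0.7", "10.0.0.9", 22, 60, True),
    (5.4, "10.0.0.7", "10.0.0.9", 23, 60, True),
    (5.6, "10.0.0.7", "10.0.0.9", 80, 60, True),
    (5.9, "10.0.0.7", "10.0.0.9", 445, 60, True),
    (6.2, "10.0.0.5", "10.0.0.9", 443, 900, False),
]

def data_blocks(packets, window=WINDOW):
    """Group packets into consecutive time windows; each group is one data block."""
    blocks = defaultdict(list)
    for pkt in packets:
        blocks[int(pkt[0] // window)].append(pkt)
    return dict(sorted(blocks.items()))

def feature_vectors(block):
    """Per-source statistics for one block (assumed feature set):
    [packets, bytes, distinct destination ports, SYN ratio]."""
    by_src = defaultdict(list)
    for pkt in block:
        by_src[pkt[1]].append(pkt)
    return {
        src: [len(p), sum(x[4] for x in p), len({x[3] for x in p}),
              sum(x[5] for x in p) / len(p)]
        for src, p in by_src.items()
    }

def detect(packets, classify):
    """Decision stage: classify every feature vector and collect alarms."""
    alarms = []
    for idx, block in data_blocks(packets).items():
        for src, vec in feature_vectors(block).items():
            if classify(vec):
                alarms.append((idx, src, vec))
    return alarms

def stand_in_classifier(vec):
    """Placeholder rule standing in for the trained model (hypothetical)."""
    return vec[2] >= 4 and vec[3] >= 0.9
```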

Description

Technical field

[0001] The invention relates to the field of network security, in particular to a network real-time intrusion detection method based on a fast gradient boosting tree model.

Background technique

[0002] Common network security protection technologies include firewalls, data encryption, authentication, and digital signatures. These static, passive defensive network security tools have a single service mode and are difficult to deal with today's complex and changeable network intrusions.

[0003] Network traffic is an important data source for intrusion detection. Common network intrusion detection methods can be divided, according to their principle, into misuse-based network intrusion detection and anomaly-based network intrusion detection. However, the training data obtained in a real network environment is unbalanced, so the intrusion detection method based on misuse usually has category bias in classification performance, that is, the detection performa...


Application Information

IPC(8): H04L29/06, G06K9/62
CPC: H04L63/1416, G06F18/214, G06F18/24323
Inventor: 金冬子, 陆以勤, 覃健诚, 王君君, 毛中书, 李佳
Owner: SOUTH CHINA UNIV OF TECH