Intrusion detection method and system based on DFS and association rule algorithm
A technology for network intrusion detection and rules, applied in transmission systems, digital transmission systems, computing, etc., can solve the problems of long detection and classification time, large data dimensions, high false alarm rate, etc., to achieve short consumption time and protect the network Safety and high detection accuracy
Pending Publication Date: 2022-01-18
SHANGHAI UNIVERSITY OF ELECTRIC POWER
View PDF3 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
[0003] Traditional network intrusion detection methods have defects such as high false alarm rate and high false negative rate. Network security administrators have to face a vast number of intrusion detection alarms every day, and it is difficult to accurately locate the real attack behavior from a large number of false alarm information. As a result, intelligence acquisition, threat perception, defense development and other links present a relatively passive situation.
At the same time, due to the large number of data files generated by traditional network intrusion, the data has many dimensions and contains a large amount of redundant information, and the time for detection and classification is long, resulting in low efficiency of intrusion detection. Traditional anomaly detection technology has been unable to meet today's more complex Web environment
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment
[0048] A network intrusion detection method based on DFS and association rule algorithm, such as figure 1 described, including the following steps:
[0049] S1: Build a data set. In this embodiment, the public data set NSL KDD data set is used as a data source.
[0050] S2: Based on the deep feature synthesis algorithm, the basic features of the data set are synthesized to obtain a feature set containing new features.
[0051] The specific steps of step S2 include:
[0052] S21: Initialize the entity set E of the dataset S , attribute set E 1,2,...M and the set of visited entities E V .
[0053] S22: Construct a set of backward relationship entities:
[0054] E. B =Backward(E S ,E 1,2,...M );
[0055] And construct a collection of forward relationship entities:
[0056] E. F =Forward(E S ,E 1,2,...M ).
[0057] S23: traverse all entities E in the database j , j∈s, s is the total number of entities in the entity set, connecting the associated entities, when the ...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention relates to a network intrusion detection method and system based on a DFS and an association rule algorithm. The method comprises the following steps: S1, constructing a data set; s2, synthesizing basic features of the data set based on a depth feature synthesis algorithm to obtain a feature set containing new features; s3, training the feature set based on an association rule algorithm to obtain a strong association rule, and constructing a classifier based on the strong association rule; and S4, obtaining current network data, and inputting the current network data into the classifier for network intrusion detection. Compared with the prior art, the accuracy and the detection efficiency of network intrusion detection can be effectively improved.
Description
technical field [0001] The invention relates to the field of network intrusion detection, in particular to a network intrusion detection method and system based on DFS and association rule algorithms. Background technique [0002] With the development of network technology, the problem of network security has become increasingly serious. Network intrusion detection, as a proactive security protection technology, intercepts and responds to intrusions before the network system is compromised, and conducts in-depth and multi-level defenses for network subjects, which has received great attention from researchers. [0003] Traditional network intrusion detection methods have defects such as high false alarm rate and high false negative rate. Network security administrators have to face a vast number of intrusion detection alarms every day, and it is difficult to accurately locate the real attack behavior from a large number of false alarm information. As a result, intelligence ...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/40G06K9/62
CPCH04L63/1416G06F18/214G06F18/241
Inventor 李麒鑫田秀霞
Owner SHANGHAI UNIVERSITY OF ELECTRIC POWER