基于二次训练技术的入侵检测方法研究

提出了一个基于二次训练技术的网络入侵检测模型，不但可以从整体上提高入侵检测系统的检测性能，而且对于低频率、高危害攻击类型的检测性能有着更加显著的提升.该模型首先利用PCA算法提取数据集中的重要特征，然后使用二次训练技术训练分类器构建网络入侵检测模型.实验中分别使用决策树、朴素贝叶斯和KNN 3个经典分类算法构建了基于二次训练技术的入侵检测模型，并在著名的KDDCup99数据集上进行了实验.结果表明本文的入侵检测模型可以有效地提高入侵检测系统的性能，尤其是对于低频率攻击类型的检测性能有明显的提升. 

Intrusion Detection Model Based on Double Training Technique

In this paper, a network intrusion detection model was proposed based on double training technique to improve the frequency detection performance and to advance the detection ability for the low-frequency and high serious attacks. Firstly, the important features were extracted from whole dataset according to PCA. Then, a network intrusion detection model was constructed based on the classifier trained with double training technique. In experiments, the decision tree, naive Bayes and KNN algorithms were used respectively to construct the intrusion detection models based on double training technique. The experimental results show that the models can enhance the performance of the intrusion detection, especially for the low-frequency attacks.