半监督技术和主动学习相结合的网络入侵检测方法

针对当前网络入侵具有多样性和易变性, 单一方法很难获得理想网络入侵检测结果的问题, 为提高网络入侵检测正确率, 有效拦截各种网络入侵, 提出一种将半监督技术与主动学习相结合的网络入侵检测方法. 首先, 采集网络入侵数据, 提取网络入侵特征, 并采用半监督技术根据特征对网络入侵数据进行聚类处理; 其次, 采用主动学习算法对聚类后的数据进行训练, 构建网络入侵检测的分类器, 并引入蚁群算法对构建网络入侵检测的分类器进行优化； 最后, 采用标准数据集对网络入侵检测方法进行仿真测试. 测试结果表明, 该方法解决了当前入侵检测方法存在的缺陷, 提升了网络入侵检测正确率, 漏检率和误检率明显少于经典网络入侵检测方法, 同时缩短了网络入侵检测时间, 改善了网络入侵检测效率, 能更好地保证网络通信和数据传输安全.

Network Intrusion Detection Method Based on Combination of Semi-supervised Technology and Active Learning

In view of diversity and variability of the current network intrusion, and it was difficult to obtain ideal network intrusion detection results by a single method. In order to improve the accuracy of network intrusion detection and effectively intercept all kinds of network intrusion, we proposed a network intrusion detection method based on combination of semi-supervised technology and active learning. Firstly, the network intrusion data was collected, the network intrusion features were extracted, and the semi-supervised technology was used to cluster the network intrusion data according to the features. Secondly, the active learning algorithm was used to train the clustered data, the classifier of network intrusion detection was constructed, and the ant colony algorithm was introduced to optimize the classifier of network intrusion detection. Finally, the standard data set was used to simulate and test the network intrusion detection. The text results show that this method solves the defects of the current intrusion detection methods, improves the accuracy of network intrusion detection, and the missed detection rate and false detectio n rate are significantly less than the classical network intrusion detection methods. At the same time, it shortens the network intrusion detection time, improves the efficiency of network intrusion detection, and can better ensure the security of network communication and data transmission.