当前位置: X-MOL 学术Math. Probl. Eng. › 论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
An Intrusion Detection Method Based on Decision Tree-Recursive Feature Elimination in Ensemble Learning
Mathematical Problems in Engineering ( IF 1.430 ) Pub Date : 2020-11-23 , DOI: 10.1155/2020/2835023
Wenjuan Lian 1 , Guoqing Nie 1 , Bin Jia 1 , Dandan Shi 1 , Qi Fan 1 , Yongquan Liang 1
Affiliation  

With the rapid development of the Internet, various forms of network attack have emerged, so how to detect abnormal behavior effectively and to recognize their attack categories accurately have become an important research subject in the field of cyberspace security. Recently, many hot machine learning-based approaches are applied in the Intrusion Detection System (IDS) to construct a data-driven model. The methods are beneficial to reduce the time and cost of manual detection. However, the real-time network data contain an ocean of redundant terms and noises, and some existing intrusion detection technologies have lower accuracy and inadequate ability of feature extraction. In order to solve the above problems, this paper proposes an intrusion detection method based on the Decision Tree-Recursive Feature Elimination (DT-RFE) feature in ensemble learning. We firstly propose a data processing method by the Decision Tree-Based Recursive Elimination Algorithm to select features and to reduce the feature dimension. This method eliminates the redundant and uncorrelated data from the dataset to achieve better resource utilization and to reduce time complexity. In this paper, we use the Stacking ensemble learning algorithm by combining Decision Tree (DT) with Recursive Feature Elimination (RFE) methods. Finally, a series of comparison experiments by cross-validation on the KDD CUP 99 and NSL-KDD datasets indicate that the DT-RFE and Stacking-based approach can better improve the performance of the IDS, and the accuracy for all kinds of features is higher than 99%, except in the case of U2R accuracy, which is 98%.

中文翻译:

集成学习中基于决策树递归特征消除的入侵检测方法

随着Internet的飞速发展,各种形式的网络攻击已经出现,如何有效地检测异常行为并准确识别其攻击类别已成为网络空间安全领域的重要研究课题。最近,在入侵检测系统(IDS)中应用了许多基于热机器学习的方法来构建数据驱动的模型。该方法有利于减少人工检测的时间和成本。然而,实时网络数据包含大量冗余术语和噪声,并且一些现有的入侵检测技术具有较低的准确性和不足的特征提取能力。为了解决上述问题,提出了一种基于决策树递归特征消除(DT-RFE)特征的集成学习入侵检测方法。我们首先提出一种基于决策树的递归消除算法的数据处理方法,以选择特征并减小特征维数。此方法从数据集中消除了冗余和不相关的数据,以实现更好的资源利用率并降低时间复杂度。在本文中,我们通过将决策树(DT)与递归特征消除(RFE)方法相结合来使用Stacking集成学习算法。最后,通过对KDD CUP 99和NSL-KDD数据集进行交叉验证的一系列比较实验表明,DT-RFE和基于Stacking的方法可以更好地提高IDS的性能,
更新日期:2020-11-23
down
wechat
bug