Journal of Frontiers of Computer Science and Technology ›› 2019, Vol. 13 ›› Issue (7): 1123-1133.DOI: 10.3778/j.issn.1673-9418.1805073

Previous Articles     Next Articles

Intrusion Detection Method of Multiple Classifiers Under Deep Learning Model

CHEN Hong, CHEN Jianhu+, XIAO Chenglong, WAN Guangxue, XIAO Zhenjiu   

  1. College of Software, Liaoning Technical University, Huludao, Liaoning 125105, China
  • Online:2019-07-01 Published:2019-07-08

深度学习模型下多分类器的入侵检测方法

陈  虹,陈建虎+,肖成龙万广雪肖振久   

  1. 辽宁工程技术大学 软件学院,辽宁 葫芦岛 125105

Abstract: Aiming at the problem of poor performance of traditional intelligent intrusion detection methods in massive data environment, a multi-classifier intrusion detection method (DBN-OGB) based on one-versus-one gradient boosting decision tree (GBDT) under deep belief networks (DBN) is proposed. This method first uses the deep belief network to extract the low dimension and representative characteristic data from the high-dimensional and complex intrusion detection data. Then, one-versus-one method is used to construct a gradient tree classifier between two kinds of characteristic data. The classifiers are used to identify the unknown network attack, and the category with the most votes is the category of the attack. Finally, the NSL-KDD data set is used to carry out simulation experiments. The experimental results show that the average accuracy and detection rate of the DBN-OGB method are higher than 99%. Compared with the DBN-MSVM method, the accuracy and detection rate of the method are increased by 0.56% and 1.03% respectively, indicating that DBN-OGB is an effective and feasible intrusion detection method, and can improve the detection performance of massive intrusion data.

Key words: intrusion detection, deep learning, back propagation neural network, gradient boosting decision tree

摘要: 针对海量数据环境下,传统智能化入侵检测方法检测性能较差的问题,提出了一种深度信念网络(deep belief networks,DBN)下一对一(one-versus-one)梯度提升树(gradient boosting decision tree,GBDT)的多分类器入侵检测方法(DBN-OGB)。该方法首先利用深度信念网络从高维、复杂的入侵检测数据中提取出低维、具有代表性的特征数据;然后利用一对一法,在任意两类特征数据之间构建一个梯度提升树分类器;接着利用各个分类器对未知网络攻击进行识别,得票最多的类别即为该攻击的类别;最后利用NSL-KDD数据集进行仿真实验。实验结果显示DBN-OGB方法的平均准确率和检测率都高于99%,相较于DBN-MSVM(deep belief nets based multi-class support vector machine)方法其准确率和检测率分别提升0.56%和1.03%,表明DBN-OGB是一种有效、可行的入侵检测方法,且提高了对海量入侵数据的检测性能。

关键词: 入侵检测, 深度学习, 反向传播神经网络, 梯度提升树