| In recent years, as the network technology advances, the attack on computer systems becomes more and more and network security issues become more serious and directly impact on national and personal interests.Intrusion detection as a new network security technology is an important part of the structure,which can help to find the key points of information, to test a variety of types of attacks,and to make up the deficiency of traditional security technologies. However, the existing detection methods in the detection accuracy is still not very good.such problems as less precision of intrusion detection, higher false positive rate, and so on,seriously affects the normal use of the network.So how to effectively prevent the occurrence of the invasion is now the focal point.In order to improve the ability of intrusion detection,integration thoughts of multiple classifiers is introduced into intrusion detection in the paper. The paper mainly focused on integration of multiple classifiers and its application in Intrusion Detection.Its main tasks are the following:(1)heterogeneous classifier ensemble: In this approach heterogeneous classifiers is composed of the random forests, support vector machines, clustering and Bayesian classifier, which combines the advantages of these classifiers. Firstly, each classifier individually makes decisions, and gets the false positive rate for each class,and then calculates the weights of each output, making the false positive rate lower and the weight higher.Finally, the weighted sum of each class is calculated.Using the method of Weighted Voting ,the number of votes is counted in each connection,and then according to the maximum number to determine the connection belongs to each class.(2) an classification selective ensemble approach based on genetic algorithm: Premature convergence of genetic algorithm is mainly due to the fact that the probability of crossover and mutation operators are improper. Through genetic crossover and mutation.The method for this problem which the future generations are not directly compared and determined, but after the local optimal solution is searched by the tabu search,most of the unknown area is found and then a set of solutions is got,and then which is compared with the parent, accordingly to judge which solution is the best. A series of algorithms are showed in the Bagging classifier, then classifier is choosen by this method, this makes overall integration better. Experimental results show that the used method is effective in that can not only better improve the detection accuracy but reduce frequencies of false positive rate. |
PDF Full Text Request