| Comparing various advantages and disadvantages of Intrusion Detection Technologies, expert system technology has been more mature, which has been applied to the intrusion detection systems, has achieved some progress in research and practical applications. But it is difficult to maintain and update the intrusion database. Experts need summarize the intrusion feature and then update DB manually and constantly. In addition, the expert system can only detect known intrusion, but cannot detect unknown attacks. Therefore, for improving the ESIDS, this paper adds neural networks technology. ANN(Artificial neural networks)has the characters of nonlinear mapping and self-study, which has the advantages of simple modeling and strong acceptance. It can detect unknown attacks in IDS. After neural network detects unknown attacks, then extract new intrusion rules features and add to ES rules database. Realize the update of intrusion rules database automatically. Therefore the combination of expert system and neural networks applying in IDS can improve effectively the detection rates. In the end of this paper, the simulation results show that the method is effective.Put forward the model of Intelligent Intrusion Detection System Based on Principal Components Analysis Feature Extraction, this model is intelligent, and the paper designs the model. Consider the high-dimensional data characteristics of neural networks. Principal component analysis method is used to reduce the data dimension. Simulate with KDD Cup 99 data, the results show that the method is effective.Finally, simulate the design and test the validity of the model. Experimental results show that the model can detect new intrusion, and the model has the characteristics of self-study, through feature extraction it can add new attack rules automatically to expert system knowledge database. The research has the value of further study. |
PDF Full Text Request