The Research Of Network Intrusion Detection

This paper makes the network intrusion detection system as the most important to insure the safety of internet. After the numerical analysis and normalization, this paper uses all kinds of feature extraction methods to reduce the intrusion dimension. Then it focuses on the classification model and clustering model to divide the samples into different categories. At last it designs a real-time network data acquisition and analysis model to realize the update of itself.This paper discusses the challenges in the computer safety at present and proposes the network intrusion detection system to solve them. Then the paper introduces the concept, architecture and developing trend of the system in details and makes the data set named NSL_DATA as training and testing data set. After the standardization of data set, this paper proposes the algorithm named Relief to reduce the dimension of intrusion features and the complexity of training data set. According to the ability to distinguish the type of the training samples, it estimates the metric of features and extracts part of features which satisfy conditions to make them as the best feature subset. Using the decision tree model, one-class classification of least squares support vector machine model can distinguish the normal and abnormal training samples quickly and precisely so that it greatly cuts down the data pressure of fuzzy c-means model to effectively improves classification accuracy and convergence of the abnormal samples. The data acquisition and analysis model can seize network data packets in real time to analyze and extract information according to the customize strategy. After that, the model transforms network connections to the standard training data and stores them into the database system to insure the update of itself and integrity so that the network intrusion system can restart another training at regular intervals to adjust and update the intrusion detection system in order to recognize new attacks and make up for the gaps to raise the classification accuracy.According to the testing data set, experiments show that the network intrusion detection system based on FSVM can satisfy the characters of real-time and huge data and has greatly improved the efficiency and classification accuracy. The system uses Java as the developing language which reduces the platform-dependent.