Research And Designation Of Intrusion Detection System Based On Neural Network

Nowdays, the computer network security issues have been more and more concerned. The means of network intrusion become increasingly complex and diversified. Due to the limitations of traditional network security technologies, intrusion detection systems turn into the focus research of the network security technologies at present. To improve some shortcomings of the existing intrusion detection systems, this thesis applied artificial neural networks to the intrusion detection systems (IDS), and it comes up with good results.In the paper, the characteristics of intrusion detection technologies, the basic model of IDS, are first described; the learning principle and mathematical derivation of the Kohonen and BP neural network are studied.Then an intrusion detection systems based on neural network is designed in accordance with the idea of modular, and each module is devised in detail. Taking into account the large network datastream, a feature extraction module is added into the system. The principal component analysis technology is applied in this module. It can eliminate redundancy and reduces the dimension by means of data space transformation, so it can improve the ability of the system real-time response. Also to solve weak points of BP algorithm, six kinds of improvements are introduced in this paper.Finally, experiment simulation results are obtained by Matlab platform. First, preprocess the KDD99data sets with Python language; Extracted the training samples and testing samples of the four types of attacks from KDD99data sets, BP and Kohonen neural network is implemented to train and test the extracted data, whether the data is processed by PCA feature extraction procedure or not. Then compare and analyze the results by using Detection rate, false alarm rate, training time and testing time as the performance evaluation criteria. It is concluded those by the results, as in the experiments of the Kohonen network, principal component analysis is limited to shorten the training and testing time; in the BP neural network experiments, get the best algorithms to detect four types of attacks by comparison, the PCA feature extraction technology and improved BP algorithm can both reduce the chance of convergence of network training, reduce training time and testing time. Compared with the experimental results of the Kohonen network and BP network, we also conclude that the data which is processed by PCA feature extraction procedure have a high true positive rate, a low false positive rate and a quick real-time response when detected by BP neural network, and this method is an efficient and feasible technique.