Research On Intrusion Detection Based On Genetic Algorithm Neural Network And Its Application In CIPS Network

After years of development, Chinese railway informatization has obtained outstandingachievements from scratch. The railway computer network is the basic guarantee of railwayinformatization construction and precondition for the railway normal operation.Railway marshalling station computer integrated process system (CIPS) shoulders on theresponsibility of data sharing and exchange, security issues must be considered. Althoughmarshalling station network has a certain amount of defensive ability, with the developmentof railway computer network construction, the wanton spread of computer virus andcomplicated network attack measures still pose a great threat to CIPS system. Intrusiondetection, a dynamic transparent defense technology, not only could detect unauthorizedattacks from outside of network, but also discover fault behaviors caused by personneloperation or malicious abuse of internal network.There is high false alarm rate and non-response rate in traditional intrusion detectionsystem. In order to enhance security level of CIPS network, a favorable performance intrusiondetection model against problem of intrusion detection in CIPS network is of greatsignificance.Back Propagation (BP) neural network algorithm has advantage of favorableself-learning ability, strong adaptability and good fault tolerance. However, the algorithm iseasy to fall into minimum value and slow convergence defects, so the thesis adopts a globalsearch ability of genetic algorithm (GA) to optimize BP neural network weights and threshold,realizing the target of complementary advantages.The thesis establishes intrusion detection model based on genetic algorithm neuralnetwork (GANN), then uses standard KDD CUP99datasets to evaluate intrusion detectionprocess. Due to the huge amount of data and the high dimension, during the process of datapretreatment, the thesis uses principal component analysis method to reduce the datadimension and remove low contribution data rate, so as to mitigate the burden of networktraining and save training time. Because of data type is diverse, and unit of measure isdifferent, all the data is normalized.After a large number of theoretical studies and Matlab simulation, the typical attack datais added to test the model, the thesis compares intrusion detection system (IDS) based on BPwith IDS based on GANN. The experimental results show that GANN intrusion detectionmodel has a good ability to identify the overall high recognition rate of intrusion detectionmodel based on BP, the rate of false positives also decreased significantly, the test achieving agood detection results.