| With the rapid development of Internet, computer network security issues have become more serious, so the corresponding security measures will become increasingly more important. As a prevention-based dynamic security precautions, intrusion detection technology has been a hot research field of information security, and also has a pivotal position.In this paper, on the basis of the traditional KNN algorithm is proposed. Because the traditional KNN algorithm inefficiencies and accuracy is not high enough, F-KNN include the following three improvements:First, deletion of training sample database. Cut out a large number of duplicate data in training sample database to reduce the amount of computation in the learning process, thereby enhancing learning efficiency.Second, establish an index model. Randomly selected a training sample as a reference point, then calculate the distance of other training samples to the reference point, sort by distance, to get an orderly linear form and an index table, according to the index table and ordered linear table quickly find k nearest neighbors of test samples, reducing the search range, thereby enhancing learning efficiency.Third, construct cache. Before test samples to be classified, compare it with the cached data, if the same sample directly given cache class standard, if not identical, further classify, thereby enhancing learning efficiency.In this paper, using KDD CUP99as the experimental data, first, preprocess the data,; then use the feature reduction algorithm based on mutual information to reduce the dimensionality of the data set; finally use the F-KNN algorithm is proposed for anomaly detection. Experimental results show that the algorithm is proposed can accelerate the learning efficiency effectively. |
PDF Full Text Request