The Research Of Network Intrusion Detection Based On Kernel Methods

With the spread of Internet, the network security draws tremendous attentions, and becomes acritical issue. Solving the problem can guarantee the security of network system when the users surfon the Internet. Kernel Principal Component Analysis (KPCA), Particle Swarm Optimizationalgorithm (PSO) and Support Vector Machine (SVM) are applied to intrusion detection, thesealogithms help reduce the redundancies of the data、the blindness of selecting SVM parametersand improve the performance of the IDS effectively.The main work of this paper is studying the kernel method and using it in intrusion detectionsystem. First, this paper propose hybrid kernel principal component analysis algorithm by usingmultiple kernel functions. Second, on the basis of PSO, two kinds of new optimization algorithmsfor SVM parameters are given. The main works and innovations are as follow:(1) An algorithm based on mixed kernel functions is given, named Multiple Kernel PrincipalComponent Analysis (MKPCA). This algorithm is used to extracting the feature of intrusiondetection data and it can reduce dimensions of the data on the premise of keeping the informationintegrity. This method is not a single kernel function, but combining global kernel function (Polyfunction) with local kernel function (Gauss function). The MKPCA experiment results show that itimproves the ability of classification and the performance of extracting nonlinear features.(2) An intrusion detection algorithm based on dynamic particle swarm optimization and SVM isproposed, named Dynamic Particle Swarm Optimization-Support Vector Machine (DPSO-SVM). Ituses weight function and acceleration factor function to strengthen the searching ability of PSO, andbalance the ability of the global search and local search. This paper uses DPSO-SVM to classfy thedata which processed by MKPCA, as the result, the algorithm convergences fast and solves theblindness and randomness of selecting parameters.(3) An intrusion detection algorithm based on Dynamic Chaos-Particle Swarm Optimization andSVM is proposed, named Dynamic Chaos-Particle Swarm Optimization-Support Vector Machine(DCPSO-SVM). It combines Chaos with DPSO algorithm. By using the property of Chaosergodicity and diversity, the method further improves the convergence speed of DPSO algorithmand the accuracy of SVM.