The Intrusion Detection System Based On The Dimension Reduction Of Data And Support Vector Machine

Safety monitoring is the security of a computer network, intrusion detection is a technology which is designed to find and identify intrusion, it is also a technology which is used to test whether a certain behavior is in violation of the network security policy. It is easy to find the alarm before the damage occurred with the application of intrusion detection system, we can also limit the occurrence of a certain behavior with the response of the alarm,this of course reduce the invasion attack damage. The intrusion detection system can keep the attack information after the invasion attack,which can be regard as the original data information of the monitoring model. This information is added to the library and used to detect the intrusion behavior later.According to the network detection analysis method, network intrusion detection can be divided into two categories,one is the intrusion detection system based on the host computer,the other is the intrusion detection system based on network.In view of the low generalization ability and the time-consuming problem of the existing intrusion detection system, basing on the support vector machine network intrusion detection system, This paper put forward two effective method to solve the problem, which is called the principal component analysis method based on the similar attribute and the nonlinear projection pursuit method. This paper we combine the two methods with the support vector machine method, at last we put forward two network intrusion detection system, one is the network intrusion detection system based on the similar attribute principal component analysis and support vector machine method,the other is called the network intrusion detection system based on nonlinear projection pursuit and support vector machine.As the noisy of the data, it has a bad influence to the detection accuracy of the intrusion detection system, this article introduces the low rank matrix Reconstruction techniques embarking from the compressed sensing theory.we can begin with the traditional principal component analysis method, we transform the problem into constrained optimization problem using the advanced algebra knowledge. The accelerated adjacent gradient algorithm is used to solve the constrained optimization problem.This paper form a network intrusion detection system based on low rank matrix Reconstruction and support vector machine.According to the network intrusion detection model, a model is decided by the detection situation of the system.The core of the intrusion detection system is how to determine a behavior accurately. Network data connection is an important data source about the intrusion detection,and the key to solve the intrusion detection problem is how to process the data properly, we can judge the user behavior through the analysis of the data. This paper have the famous KDD99 data set as the simulation experiment data, the data contains a large number of normal data and abnormal attack behavior, and the data is got from the us air force simulation of local area network offline, so it is sufficient to describe a real network environment.Empirical analysis is an important way to detect the intrusion system, According to the existing intrusion detection system,this paper put forward two intrusion detection system, one is named the intrusion detection system based on the principal component analysis and support vector machine. The other is called the network intrusion detection system which is based on nonlinear projection pursuit and support vector machine.And this paper put forward a network intrusion detection system based on low rank matrix Reconstruction and support vector machine. We use the KDD99 data to achieve the empirical analysis.The result shows that the new system has stronger generalization ability and detection accuracy,also the system improve the whole process time greatly.