KPCA Algorithms Improvement And Application Research In Intrusion Detection

The 21 st century is the era of rapid development of human society and network technology. With the development of computer technology the crimes of various networks increasingly rampant and their ways and means become more and more covert so it is difficult to be found, both individuals and organizations will suffer losses once hit by cyber attacks. Therefore governments pay more and more attention to network information security protection, such as introduce policies and set up institutions enhance the maintenance work of internet security. The opening characteristics of network determine its own deficiencies in information security, with the development of computer technology the security system can be breached more and more easily. With the development of electronic commerce, network intrusion is not only happened in large companies but also began to steal personal information and property, so it’s important to research the effective detection system of network intrusion.In the network intrusion detection system, the extracting features of network intrusion is an important breakthrough to determine whether an intrusion has happened, so feature extraction technology is an important part in the study of intrusion detection. Effective feature extraction techniques can greatly decrease the intrusion detection system response time, and can give early warnings and take appropriate measures to deal with intrusions. This paper first analysis of intrusion detection methods and technology research, the detection technology is widely used in the paper. In view of the traditional kernel principal component analysis(KPCA) lack of extracted feature combination in intrusion detection application for pattern classification problems; this paper proposes an improved KPCA based on information measure. The aggregation degree within class and dispersion degree between class comprise information measure of each feature vector in the training sample. It is used to replace the cumulative contribution rate of the traditional KPCA. The selected feature combination is advantageous to detect abnormalities.This paper uses discrete degree between classes and class within the aggregation degree the information grade which be made of discrete degree between classes and class within the aggregation degree replace the contribution rate made by KPCA method. To form a new feature space by n eigenvectors those have highest degree of information. To measure the relationship between the new feature space and the sample classification, should choice the best feature combination which most advantageous to the classification problem, so the concept of similarity proposed in this paper to compute the correlation degree between eigenvector and sample sort to get ride of the combination of feature vector. The correlation of feature vector and the sample category is 0 or tends to 0. Experiment chooses subsets extracted from KDDCUP99 data set as the experimental data. Firstly, the 3D space is composed of selected the first 3 feature vectors of by the improved method extracted the feature space. Samples of different classes is well separated in 3 d space, it shows this paper the improved method has better classification ability. In a more accurate classification, this paper uses C4.5 classification algorithm to extract the features for anomaly detection. Through the experiment, this paper improved algorithm compared with KPCA algorithm, the improved algorithm has made a larger increase in accuracy, leakage alarm rate and false alarm rate are lower. From the experiment on the performance, the improved method has quantity less than KPCA method in the selection of feature vector, and each index showed a greater advantage, and calculation consumption is lower. Finally, summarize this stage work, and put forward the direction of future efforts.