Research Of SVM Based Intrusion Detection Technology In Hospital Unified Outreach Platform

The construction of hospital information platform is the only way which must be passed outside is in between the external and internal business system,the establishment of communication link through the Internet,but the communication parties must have security access mechanism as a guarantee,in order to make a lot of internal information network in the hospital is not to be malicious analysis.With the emergence of attacks on the network,the intrusion detection technology can capture,analyze and monitor the intrusion behavior,which can not be identified by the firewall.In this paper,a complete intrusion detection model is proposed,which is composed of data collection,information processing,intrusion detection and response.The information collection part to realize data acquisition using Winpcap technology,set the filtering rules;information processing and analysis part according to the TCP/IP protocol to achieve agreement branch processing,according to KDD CUP99 data set TCP is connected with the basic features and content features,traffic and host network traffic statistical characteristics based on the intrusion detection system as the pretreatment of audit records intrusion detection;intrusion detection module according to the function of different types to invoke different attack protocol,through the improved support vector machine(SVM)algorithm to distinguish the network data transmission network in hospital is normal or abnormal,and the introduction of Boyer-Moore(BM)algorithm,intrusion information,meet the efficiency of data matching,fast through the processing of massive raw data server package.In this paper,the original SVM algorithm the basic classification principle is studied,found in the application of original SVM algorithm classification of data in the network,the algorithm easy to fall into local optimal solution,and the real-time performance is not very good,put forward a strategy to improve the classical SVM algorithm.Through the research of swarm intelligence optimization algorithm,based on the experimental simulation times on using RBF as the kernel function of SVM algorithm,the artificial bee colony(ABC)algorithm to optimize the improvement ideas of SVM algorithm,to overcome the defects of the original SVM algorithm.The results show that the training speed and accuracy of the algorithm are improved,and both the global and local optimal solutions are considered.Based on the above research,this paper designs an intrusion detection system,and determines the deployment structure of the system.Based on the study of port scanning technology and various types of attacks,by simulating Dos and R2L attacks,verifies that this system can efficiently identify the attacker,improve the protection of network defense system.