Research On Intrusion Detection Technology Using Feature Learning Of Network Attack

With the development of science and technology,the application of Internet technology has filled withour life,and network security issues have become increasingly prominent.The application of machine learning in network security is gradually increasing.Intrusion detection technology still plays an important role in the field of network defense.Currently,enterprises serving in the network security field have their own network security data.The benchmark datasets for researches aretoo old,which cannot meet the research of intrusion detection technology.No matter inthe area of the industrial or the academic,intrusion detection technology still has the problem of low detection rate and high false positive rate.How to effectively detect network attacks is a hot research topic in the field of network security.In order to deal with these problems,this paper proposes an intrusion detection method that uses the characteristics of network attack learning.In order to get a better detection result,we collect the network attack data through the honeypot system,and construct a new network attack dataset,and form an intrusion detection classification model based on deep learning.This paper first studies the honeypot active defense technology.We use the honeypot to build the data capturing system,and use tcpdump to collect the network traffic data packets,use sebek to collect the attacker's behavior data,and extracteffective characteristics(such as service type and duration time)of the attack from data.Then the data collected is normalized and standardized,the discrete data is processed by an effective coding method,the continuous data is normalized,and finally we train a new classification model 'NID NET'(Network Instrusion Detection Net)using the new attack dataset,based on deep learning.Its application in intrusion detection system will improve the detection rate of the network intrusion detection system.We extract 24 effective features of network fromthe experimental datasets.We use the NID NET model to extract data feature by nonlinearly mapping,and to fully explore the relationship between attributes.A comparison experiment is performed on the hyperparameters in the model,and the optimal hyperparameters were used for the classification experiment.The experimental dataset and the KDDCUP99 dataset were used for traning models respectively,and then we make a verification in the NID NET model-based intrusion detection system.The results show that the model usingexperimental dataset training model is significantly better than the KDDCUP99 in the detection rate and false positive rate.The model was trained to verify the validity of the experimental dataset.In addition,we do some experiments to compare the proposed classification method NID NETwith other algorithms.Its performance overrides the two algorithms.Therefore,it is verified that the model of this paper is effective in intrusion detection.