With the rapid development of network technology,various attacks against the network have also shown a trend of explosive growth.The diversity of attacks result in an increasingly complex network environment.On the other hand,the contradiction between multiple types of attacks and limited security rules has led to huge challenges in cyber attack detection.The emergence of machine learning technology has made it possible to implement more efficient and accurate network attack detection.This paper proposes a network attack intelligent discovery technology based on machine learning,which uses supervised learning,unsupervised learning,information entropy and other methods to achieve efficient detection of network attacks.Firstly,according to the information entropy theory,this paper proposes a network traffic characteristic analysis method based on information entropy.In this method,the information gain brought by the different characteristics of the network traffic to the system is taken as the features' contribution.On the one hand,the feature selection is based on the features' contribution to reduce the feature dimension of the redundant feature reduction.On the other hand,we assigning different weights to features based on their contribution,aiming to adapt the algorithm to all types of attacks.Experiments show that this method has a large effect improvement especially for attacks that are difficult to detect in traditional machine learning.Secondly,aiming at the problem of poor network attack detection,this paper proposes an intelligent network attack detection algorithm TNN combining supervised learning and unsupervised learning.Trying to solve the problem of KNN,TNN utilize the advantages of clustering and classification and proposed a novel criterion for measuring the similarity of samples.In addition,TNN ameliorates the way neighbor voting.The main purpose of TNN if to improve precision and recall and reduce false alarm of classifier at the same time.Comparative experiments between multiple algorithms show that TNN can more effectively deal with various types of network attacks. |