Network Intrusion Detection And Security Analysis

Since the beginning of the 21 st century,Industrial Internet technology has made breakthrough progress.Industrial production has changed from traditional mechanized production to information production.With the gradual maturity of 5G technology,China's Industrial Internet has gradually moved from the initial concept to implementation,and the application prospects of Industrial Internet have become more abundant,which will greatly promote the improvement of social productivity.However,in the context of the sharing of network resources,industrial Internet security issues have become increasingly important.Various endless network intrusions,such as web page viruses and hacking attacks,have caused huge losses and threats to socioeconomic and corporate costs.Therefore,industrial network security has become an urgent issue.As an important barrier to ensure network security,intrusion detection technology is different from traditional firewalls and data encryption.It can actively identify and prevent intrusions from outside the host,and can quickly and accurately make defense measures,which can effectively ensure industry network security.The research on intrusion detection technology mainly includes two aspects.The first is the processing of network data sets,and the second is the improvement and improvement of classification algorithms.Traditional classification algorithms such as support vector machines and neural networks are required.A large amount of high-quality data,but the network intrusion data has the characteristics of imbalanced data distribution,new emerging traffic without corresponding training data,and insufficient feature extraction.This has led to the traditional detection model's detection accuracy needs to be improved,detection time delay,Insufficiencies such as poor ability to solve problems.In view of these difficulties,this article conducts research in the following areas:(1)In view of the high dimensionality of the network intrusion data set,the large amount of redundant information,and the imbalanced data distribution,the traditional principal component analysis method has a poor dimension reduction effect,resulting in unsatisfactory detection results.This paper uses the improved principal component analysis method in the data processing stage to combine information entropy and principal component analysis.First,use information entropy to set thresholds to select features,and perform preliminary dimensionality reduction on the original data set.Second,select a certain proportion of features based on the weight value of each feature vector in the experimental results,and use the newly generated data.Set to replace the original data set,and then use PCA for secondary dimensionality reduction.According to the comparison of simulation experiment results,the improved PCA is more effective than the traditional PCA.(2)An improved support vector machine parameter optimization method was proposed during the classification model detection phase.A grid search algorithm was used to find a set of optimal parameters(C,g)for the RBF kernel function,which was used as a particle swarm algorithm At the initial search point,the particle swarm optimization algorithm was used to make a deeper optimization search in its range,and finally the global optimal parameter was found.The comparison of the obtained experimental data shows that the improved network intrusion detection model has a significant improvement in detection accuracy and time.(3)In view of the fact that machine learning methods can only identify numbers,in the data preprocessing stage,the attribute values are transformed,table transformed,and normalized on the data set,so that the original data set is transformed into a 0-1 with a uniform metric.digital.(4)In the evaluation of the experimental results,the detection time,detection accuracy and the number of support vectors are used as evaluation standards.The detection accuracy and detection time determine the accuracy and response speed of the model,and the number of support vectors determines the generalization of the model.