Research On Intrusion Detection Technology Based On Optimized Least Square Support Vector Machine

In the era of rapid development of computer network and information technology,Internet technology has already penetrated people's life and work,and become an integral part of social life.Although the application of these network technologies brings convenience to people's lives,it also brings many security issues,such as Trojans,ransomware,and system vulnerabilities.Hackers or lawless people take advantage of these security problems,causing serious economic losses to the countries,enterprises and individuals.With the rapid development of the Internet,traditional security protection measures such as firewalls are difficult to support the security requirements of the network.Intrusion detection technology arises at the historic moment.It is an active defense technology,an effective security protection technology after the security protection of firewall technology,access control technology,information encryption technology,etc.,which brings more security means for network security.The traditional intrusion detection technology has the disadvantages of low detection rate,high false positive rate and false negative rate,which can not meet the current network security needs.In recent years,machine learning technology has been applied in the field of intrusion detection and become the hot spot of frontier research.This paper mainly studies the application of machine learning in intrusion detection,and proposes the intrusion detection technology based on the optimized least square support vector machine.Intrusion detection technology is mainly divided into two parts:one is to study data processing and dimensionality reduction;the other is to study intrusion detection classification algorithm to improve the accuracy of identifying normal data and malicious attack data.This paper studies these two parts.The main work of this paper is as follows:1.Based on the research and analysis of the existing data,an improved version of the KDD CUP99 based data set NSL-KDD data set was selected.The training set in this data set deleted redundant records,and there were no duplicate records in the test set.The type setting is relatively reasonable.2.Aiming at the problem of high data dimension,this paper studies the feature dimension reduction.Feature dimensionality reduction is mainly divided into two methods:feature selection and feature extraction.In this paper,a mixed method of data dimensionality reduction is proposed,which combines feature selection and feature extraction.First,feature selection:use the information gain method and the ReliefF method to sort the feature importance of the data set in descending order,where the characteristics of important parameters are relatively high,and use the same classification algorithm as the evaluation function to select the best one for each Feature subset set,and then save the two feature subset sets into one set according to "seeking the same while reserving the differences”;and then perform feature extraction,feature extraction use principal component analysis,reduces the dimension of feature subset again;finally,the new feature subset is used as the data set for intrusion detection.3.Support vector machine is an algorithm to find the optimal hyperplane.Based on the principle of minimizing structural risks,it has obvious advantages for high-dimensional,non-linear,and small sample intrusion detection.Based on the research of support vector machine,the least square support vector machine is proposed by researchers..The least square support vector machine is an improved support vector machine,which can solve the convex quadratic programming problem and has strong generalization ability.The method not only reduces the complexity of the calculation but also speeds up the solution.In this paper,the least squares support vector machine is applied to the classification of intrusion detection.4.In view of the facet the parameters of least square support vector machines cannot be effectively determined,it is basically determined by experience.This paper introduces the ant colony algorithm.In order to solve the problems that traditional ant colony algorithm is easy to fall into local optimization and slow convergence,the ant colony algorithm is optimized and improved.Build the least squares support vector machine fusion algorithm based on ant colony optimization,and the ability of ant colony algorithm to optimize was used to optimize the parameters of the least squares support vector machine.Experiments show that the proposed fusion algorithm has better detection performance.