| In recent years,network security has become one of the most concerned topics on the Internet.Intrusion detection systems,firewalls,and antivirus systems are currently the three mainstream technical solutions to ensure network security.Intrusion detection technologies are iteratively upgraded with the update of network attack types.The development of an artificial intelligence-based intrusion detection system requires a comprehensive network security data set.The available data set must contain all types of network attacks and attack characteristics.The collection,marking,and processing process is very complicated.The standard data sets for network security range from KDD'98,KDD'99,NSL-KDD,UNSW-NB15,and CSE-CIC-IDS2018.During the development of the data sets,the types of attacks,signatures,and network protocols contained in the data sets vary greatly.Among them,the latest data set CSE-CIC-IDS2018 data set only provides the original traffic package(pacp),log file and characteristic traffic file(CSV),and does not divide the standard training set and test set.This paper first performs preprocessing operations such as data cleaning and data integration on the CSE-CIC-IDS2018 data set,and finally divides the training set and the test set at a ratio of 4:1 to construct a data set that can be used for artificial intelligence training.Then use the NSL-KDD data set to compare the performance of intrusion detection models such as logistic regression and decision trees.On this basis,finally use the XGBoost algorithm to train a classification accuracy rate of 99% after parameter tuning.model.On the processed data set,comparing the results of other classic classification models,it proves that the performance of XGBoost is better than other machine learning algorithms. |
PDF Full Text Request