Research On Feature Selection And Bayesian Network Method In Network Intrusion Detection

As the Internet of Things,big data,cloud computing and other technologies penetrate into people's lives.Network security has become the focus of attention.For sensitive network information,if it cannot be effectively protected,it will greatly limit the development of high-tech industries.At present,various new network security issues are emerging in an endless stream.We need to constantly update network security technology to cope with the ever-changing complex network environment.In response to the above-mentioned problems,this article conducts research on data sets,data preprocessing methods,and machine learning algorithms.First,the characteristics of the currently widely used intrusion detection data set UNSW?NB 15 are analyzed in detail.Find out whether the data attribute of the data set is discrete.Perform data preprocessing on this basis.Improving the efficiency of the algorithm.Using different feature selection and classification algorithms to classify the data set after data preprocessing.Analyzing the relationship between the two.Detection efficiency is improved.Secondly,in view of the low accuracy of traditional classification algorithms.An improved principal component analysis method was kicked out.The algorithm weights the feature vector after dimensionality reduction according to the variance contribution rate of the eigenvectors and the penalty factor.Classify the weighted feature vector with K-nearest neighbor.It is found through experiments that this method can improve the classification performance.Thirdly,in view of the complex construction of Bayesian networks.Improving the algorithm on the basis of hill climbing algorithm and information theory.Constructing the initial network through mutual information and conditional relative average entropy.Then,combining with the hill climbing algorithm to optimize.So as to get a better network.In view of the large amount of calculation of the hill climbing algorithm.Then it is proposed to first calculate the absolute value of the conditional relative average entropy difference between each node.Then limit the maximum number of parent nodes according to the absolute value.Experiments have proved that the model constructed by the algorithm is relatively stable and accuracy is improved.Finally,in response to the ever-changing types of network attacks.The K-Means outlier detection method is improved.Under the premise that the new attack is regarded as the outlier,the improved method is introduced into the new attack discovery.And explore the influence of K value on algorithm performance.Then,compared with traditional algorithms.It is found that the improved model performs better.