Application Research Of Intrusion Detection Based On Optimized Sparrow Search Algorithm

With the advent of 5G,things are getting more complicated in cyberspace.As a real-time monitoring system,intrusion detection system can give a warning in time when abnormal conditions occur on the network.Based on network traffic data to identify network attacks,high detection accuracy and low false positive rate are always the goals of intrusion detection systems.Machine learning and deep learning methods can learn potential patterns in network traffic data and help intrusion detection systems to identify network abnormal behaviors efficiently.Many problems need to be considered in the establishment of intrusion detection model,such as the selection of classifier,the setting of hyperparameters and the computing resources consumed by model training.Support Vector Machine(SVM)has simple structure and strong classification performance.Convolutional Neural Network(CNN)and short and Long ShortTerm Memory Network(LSTM)have strong ability to solve complex problems and good adaptability.However,these three models are vulnerable to parameter influence.The intrusion detection model based on the improved Sparrow Search Algorithm(CWTSSA)and SVM,the intrusion detection model based on CNN-LSTM and the intrusion detection model based on CWTSSA optimization CNN and CNN-LSTM are designed.In this paper,the Sparrow Search Algorithm(SSA)is optimized to obtain the CWTSSA algorithm,and then the CWTSSA algorithm is used to optimize the parameters of SVM,CNN and CNN-LSTM model to improve the detection performance of the algorithm.Intrusion detection schemes based on sparrow search algorithm,model parameter optimization,model fusion and other technologies are mainly studied as follows:(1)Aiming at the problem of insufficient population diversity in the late iteration of SSA algorithm,the Circle chaotic mapping function with uniformity and ergodicity was used to initialize the sparrow population,which affected the initial location information of the sparrow population and enriched the population diversity;To solve the problem that SSA algorithm is easy to fall into local extremal space in the process of optimizing search,the adaptive inertia weight factor is introduced into the algorithm formula,and the global optimal solution of the previous generation is added into the discoverer sparrow position update formula,so that the algorithm is not easy to fall into local space.In view of the problem that the algorithm is still trapped in the local extremum space in the late iteration,the t-distribution idea is introduced and the student mutation operator is used to disturb the individual sparrows,so that the individual sparrows can jump out of the local space and improve the global optimization ability of the algorithm.The test results show that CWTSSA algorithm has some advantages in convergence speed,stability and solving accuracy,which verifies the feasibility of sparrow search algorithm optimization in this paper.CWTSSA algorithm can be an effective tool to solve the optimization problem.(2)Considering that the detection accuracy and generalization ability of SVM model are easily affected by penalty parameter C and kernel parameter g,an intrusion detection model based on CWTSSA-SVM is proposed.Firstly,the sparrows were coded by real numbers,and the CWTSSA algorithm was used to optimize the SVM parameter combination [C,g] iteratively,taking the classification error rate as fitness function.Then,the model was trained on the training data set,and the optimal detection model was obtained by assigning the decoded value of the best fitness value to two parameters.Finally,the dichotomous experiment of normal class and abnormal class is carried out on KDD99 test set.According to the experimental results,the intrusion detection model based on CWTSA-SVM proposed in this paper can ensure high accuracy and low false positive rate.In addition,it can be seen from the iterative convergence curve that the model has a fast detection speed,which reflects the necessity of parameter optimization,it is proved that this method can improve the performance of intrusion detection.(3)Considering the time continuity and spatial locality of network traffic data,as well as the advantages of CNN and LSTM models in feature extraction,CNN and LSTM models are combined in series to propose an intrusion detection model based on CNN-LSTM.Considering that the detection effect of the deep learning model is easily affected by parameters,the intrusion detection model based on CWTSSA-CNN and CWTSAA-CNN-LSTM is proposed by using the strong optimization performance of CWTSSA algorithm to optimize the model learning rate and other parameters.According to the experimental results of five intrusion detection categories,the intrusion detection model based on CWTSSA-CNN and CWTSSA-CNN-LSTM proposed in this paper can achieve higher accuracy,lower false positive rate and faster detection speed,which proves that the intrusion detection method proposed in this paper has certain effectiveness and practicability.