网络入侵检测是一种基于网络行为特征的检测技术.近年来,作为信息安全领域中的研究热点,网络入侵检测发展迅速.针对传统入侵检测算法对于数据特征提取较慢的问题,本文提出了基于信息熵理论的免疫算法来提高特征提取速度.为了进一步提高分类精度,本文对Adaboost分类方法进行了改进,在分类过程中判断噪声数据,并对噪声数据的权重进行调整,从而缓解了Adaboost算法的过度拟合.通过对KDD CUP 99数据的实验结果表明,本文方法可以提高免疫算法在特征提取方面的收敛速度,并能有效地提高入侵检测率.
Abstract:Network intrusion detection is a detection technology which is based on the characteristics of network behavior. In recent years, network intrusion detection, as a research focus in the field of information security, had a rapid development. However, traditional intrusion detection algorithms run slow to extract feature. For this problem, this paper proposed the information entropy theory based on immune algorithm to improve the speed of feature extraction. In order to further improve the classification accuracy, the paper has been improved the Adaboost method to recognize the noise data in the classification process and to modify its weight, which could alleviate the Adaboost's overfitting. The experimental results on the KDD CUP 99 showed that this method could speed up the convergence of immune algorithm and improve the intrusion detection rates effectively.