摘要
随着互联网技术的迅猛发展,网络安全领域中的入侵检测任务变得更加重要。针对目前入侵检测中存在的特征维度高、数据类别不平衡以及单一分类器检测率低的问题,提出了一种基于Powershap和混合采样的动态集成入侵检测模型。首先,通过Powershap算法对数据集进行特征选择。随后,采用RENNBorderlineSMOTE混合采样算法,对特定类别数据分别进行欠采样和过采样处理,解决数据集中的类别不平衡问题。最后,基于广义多样性从多个基分类器中筛选出最优组合,并将其集成至动态集成框架KNORAE中以结合多个基分类器的优势。模型在CIC-IDS2017数据集上进行了验证,证实了该模型在网络流量检测中的优越性。
With the rapid development of Internet technology,the task of intrusion detection of the field of network se‐curity has become more important.Aiming at the problems of high feature dimension,imbalance of data categories and low model detection rate of single classifiers in current intrusion detection,a dynamic integrated intrusion detec‐tion model based on Powershap and hybrid sampling was proposed.Firstly,the Powershap algorithm was used for fea‐ture selection of the dataset.Subsequently,the hybrid RENN-BorderlineSMOTE sampling algorithm was applied to address the category imbalance in the dataset by under-sampling and over-sampling specific categories of data.Fi‐nally,the optimal combination was filtered from multiple base classifiers based on Generalization Diversity and inte‐grated into the dynamic integration framework KNORAE to combine the advantages of multiple base classifiers.The model was validated on the CIC-IDS2017 dataset,which confirmed the superiority of the model in network traffic detection.
作者
黄冬梅
颜昊
张文博
胡安铎
孙锦中
孙园
HUANG Dongmei;YAN Hao;ZHANG Wenbo;HU Anduo;SUN Jinzhong;SUN Yuan(College of Electrical Engineering,Shanghai University of Electric Power,Shanghai 200090,China;College of Electronic and Information Engineering,Shanghai University of Electric Power,Shanghai 201306,China;School of Information,Shanghai Ocean University,Shanghai 201306,China;College of Mathematics and Physics,Shanghai University of Electric Power,Shanghai 201306,China)
出处
《电信科学》
北大核心
2025年第10期132-142,共11页
Telecommunications Science
基金
国家自然科学基金青年科学基金资助项目(No.62102243)。
关键词
入侵检测
类别不平衡
集成学习
综合采样
intrusion detection
class imbalanced
ensemble learning
mixed sampling
