The development of computers and the Internet has changed the mode of independent
computing of computers, facilitated people's lives, and also made the network environment
increasingly complex. Malignant network attacks occur from time to time. Network
information security is related to national security and social stability. Designing a reliable
intrusion detection system to screen unauthorized access to computer system data is an
important and urgent problem in the field of network security. Faced with ever-changing attack
methods and a severe network security situation, traditional intrusion detection methods have
gradually fallen behind the times, making it difficult to cope with the constantly changing
network environment and evolving network attack technologies. Therefore, more and more
scholars choose to combine machine learning algorithms with intrusion detection systems to
build more intelligent detection systems.
This article is based on the classic network intrusion dataset NSL-KDD. Firstly, the
random forest algorithm is used to reduce its dimensionality, and part of the processed data is
extracted to construct KNN model, BP neural network model, and support vector machine
model to classify the sample data. The results show that the overall classification accuracy of
the support vector machine model is improved by 6.2% to 13.6% compared to the other two
models, and the false alarm rate and false alarm rate of the sample data are significantly
reduced compared to the other two models. It also has certain classification ability for attack
types with small sample data.
Secondly, in response to the problem of slow global search convergence speed and easy
falling into local optima when solving certain optimization problems in the snake algorithm,
this paper proposes an improved Chao-LSO algorithm based on chaotic mapping and Levi's
flight method, which introduces chaotic mapping method to replace the conventional uniform
distribution random number generation method to generate the initial population, enhancing
the randomness and traversal of the initial population; Introducing the Levy flight algorithm tomutate the male population and enhance its mobility efficiency in the global search step. Eight
benchmark functions on CEC2005 and four complex functions on CEC2017 were selected for
numerical experiments. The results showed that compared to the pre improved SO algorithm,
GA algorithm, and PSO algorithm, Chao-LSO algorithm has faster convergence speed and
stronger optimization performance.
Finally, a Chao-LSO-SVM model based on the Improved Snake Algorithm (Chao-LSO)
was designed to optimize support vector machine parameters for intrusion data detection. Use
Chao-LSO algorithm, SSA algorithm, and PSO algorithm to find the optimal hyperparameter
combination for support vector machines, establish optimization models for the three
algorithms, and conduct intrusion detection experiments on the NSL-KDD dataset. The
experimental results show that the Chao-LSO-SVM model has an average accuracy of 95.67%
in three experiments when classifying the test set. Compared with SSA-SVM and PSO-SVM
models, the classification results of the test set have improved by 5.11% and 9.42%,
respectively. In addition, when the Chao-LSO-SVM model classifies the subclasses of DDoS
attacks and Probe attacks, the classification accuracy of the test set is 99% and 98.5%,
respectively. This model also has good classification performance for different attacks of the
same type.
谷歌
火狐
