First, we introduce intrusion detection systems and anomaly detection. We then study machine learning techniques for anomaly detection using the NSL-KDD network dataset. The machine learning algorithms selected include J48, Random Forest, SVM, Vote and Stacking; Random Forest, Vote and Stacking are ensemble learning methods. We test and verify the performance of multiple machine learning methods on a 20 per cent NSL-KDD dataset by experiment. The experimental data has two parts. First, the 20 per cent NSL-KDD dataset is classified into normal and anomaly. Second, the attack-type feature is added to the 20 per cent NSL-KDD dataset to generate a new dataset, which is classified into normal and four other classes of attack. The experiments are carried out in WEKA. The results are compared on the basis of typical indexes and the confusion matrix. Finally, we conclude that an appropriate ensemble classifier can achieve better classification performance than a single classifier for anomaly detection.