基于随机森林和XGBoost的网络入侵检测模型

Network intrusion detection model based on random forest and XGBoost

  • 摘要: 为提高复杂网络环境中入侵检测模型的准确性和实时性,提出一种基于随机森林和极端梯度提升树(XGBoost)的网络入侵检测模型RF-XGB。首先针对随机森林算法计算特征重要性的特点,设计混合特征选择方法高效筛选出最有价值的特征子集;在XGBoost算法中引入代价敏感函数来提高对少样本类别的检测率,使用网格法调参降低模型复杂度。实验仿真结果表明,与其它机器学习算法相比,所提出的模型在具备更高检测精度的情况下减少了50%以上的处理时间,并在噪声影响下具有较好的鲁棒性和自适应性。

     

    Abstract: To improve the accuracy and real-time performance of intrusion detection models in complex net-work environments, a network intrusion detection model based on random forest and eXtreme Gra-dient Boosting (XGBoost) is proposed. First, the feature importance is calculated based on the ran-dom forest algorithm. A hybrid feature selection method combining filtering and embedded is used to reduce the feature dimension of the dataset. When detecting the sample category, the XGBoost algorithm based on cost-sensitive function and grid method tuning is used to improve Model accu-racy. Experimental simulation results show that compared with other machine learning algorithms, the proposed model greatly reduces processing time by more than 50% with higher detection accu-racy, and has better robustness and adaptability.

     

/

返回文章
返回