• 中国精品科技期刊
  • CCF推荐A类中文期刊
  • 计算领域高质量科技期刊T1类
Advanced Search
Ren Jiadong, Liu Xinqian, Wang Qian, He Haitao, Zhao Xiaolin. An Multi-Level Intrusion Detection Method Based on KNN Outlier Detection and Random Forests[J]. Journal of Computer Research and Development, 2019, 56(3): 566-575. DOI: 10.7544/issn1000-1239.2019.20180063
Citation: Ren Jiadong, Liu Xinqian, Wang Qian, He Haitao, Zhao Xiaolin. An Multi-Level Intrusion Detection Method Based on KNN Outlier Detection and Random Forests[J]. Journal of Computer Research and Development, 2019, 56(3): 566-575. DOI: 10.7544/issn1000-1239.2019.20180063
shu

An Multi-Level Intrusion Detection Method Based on KNN Outlier Detection and Random Forests

  • 1(School of Information Science and Engineering, Yanshan University, Qinhuangdao, Hebei 066001)

  • 2(Hebei Key Laboratory of Software Engineering (Yanshan University), Qinhuangdao, Hebei 066001)

  • 3(School of Software, Beijing Institute of Technology, Beijing 100081)

  • 4(Beijing Key Laboratory of Software Security Engineering Technology (Beijing Institute of Technology), Beijing 100081)

More Information
  • Published Date: February 28, 2019
    Graphical Abstract
    • Abstract
  • Intrusion detection system can efficiently detect attack behaviors, which will do great damage for network security. Currently many intrusion detection systems have low detection rates in these abnormal behaviors Probe (probing), U2R (user to root) and R2L (remote to local). Focusing on this weakness, a new hybrid multi-level intrusion detection method is proposed to identify network data as normal or abnormal behaviors. This method contains KNN (K nearest neighbors) outlier detection algorithm and multi-level random forests (RF) model, called KNN-RF. Firstly KNN outlier detection algorithm is applied to detect and delete outliers in each category and get a small high-quality training dataset. Then according to the similarity of network traffic, a new method of the division of data categories is put forward and this division method can avoid the mutual interference of anomaly behaviors in the detection process, especially for the detecting of the attack behaviors of small traffic. Based on this division, a multi-level random forests model is constructed to detect network abnormal behaviors and improve the efficiency of detecting known and unknown attacks. The popular KDD (knowledge discovery and data mining) Cup 1999 dataset is used to evaluate the performance of the proposed method. Compared with other algorithms, the proposed method is significantly superior to other algorithms in accuracy and detection rate, and can detect Probe, U2R and R2L effectively.
    • FullText(HTML)
    • References (0)
    • Related Articles

  • Related Articles

    [1]Zhao Xingwang, Zhang Yaopu, Liang Jiye. Two-Stage Ensemble-Based Community Discovery Algorithm in Multilayer Networks[J]. Journal of Computer Research and Development, 2023, 60(12): 2832-2843. DOI: 10.7544/issn1000-1239.202220214
    [2]Zhao Xia, Zhang Zehua, Zhang Chenwei, Li Xian. RGNE:A Network Embedding Method for Overlapping Community Detection Based on Rough Granulation[J]. Journal of Computer Research and Development, 2020, 57(6): 1302-1311. DOI: 10.7544/issn1000-1239.2020.20190572
    [3]Zheng Wenping, Che Chenhao, Qian Yuhua, Wang Jie. A Two-Stage Community Detection Algorithm Based on Label Propagation[J]. Journal of Computer Research and Development, 2018, 55(9): 1959-1971. DOI: 10.7544/issn1000-1239.2018.20180277
    [4]Du Hangyuan, Wang Wenjian, Bai Liang. An Overlapping Community Detection Algorithm Based on Centrality Measurement of Network Node[J]. Journal of Computer Research and Development, 2018, 55(8): 1619-1630. DOI: 10.7544/issn1000-1239.2018.20180187
    [5]Liu Yao, Kang Xiaohui, Gao Hong, Liu Qiao, Wu Zufeng, Qin Zhiguang. A Community Detecting Method Based on the Node Intimacy and Degree in Social Network[J]. Journal of Computer Research and Development, 2015, 52(10): 2363-2372. DOI: 10.7544/issn1000-1239.2015.20150407
    [6]Xin Yu, Yang Jing, Xie Zhiqiang. A Semantic Overlapping Community Detecting Algorithm in Social Networks Based on Random Walk[J]. Journal of Computer Research and Development, 2015, 52(2): 499-511. DOI: 10.7544/issn1000-1239.2015.20131246
    [7]Sun Yifan, Li Sai. Similarity-Based Community Detection in Social Network of Microblog[J]. Journal of Computer Research and Development, 2014, 51(12): 2797-2807. DOI: 10.7544/issn1000-1239.2014.20131209
    [8]Zhu Mu, Meng Fanrong, and Zhou Yong. Density-Based Link Clustering Algorithm for Overlapping Community Detection[J]. Journal of Computer Research and Development, 2013, 50(12): 2520-2530.
    [9]Deng Xiaolong, Wang Bai, Wu Bin, and Yang Shengqi. Modularity Modeling and Evaluation in Community Detecting of Complex Network Based on Information Entropy[J]. Journal of Computer Research and Development, 2012, 49(4): 725-734.
    [10]Lin Youfang, Wang Tianyu, Tang Rui, Zhou Yuanwei, Huang Houkuan. An Effective Model and Algorithm for Community Detection in Social Networks[J]. Journal of Computer Research and Development, 2012, 49(2): 337-345.

Catalog

    Get Citation
    PDF
    XML
    Article views (1862) PDF downloads (640) Cited by()
    Turn off MathJax
    Article Contents
    Abstract
    Related Articles
    Email Alert RSS
    微信订阅号<br/>(实时资讯)

    微信订阅号
    (实时资讯)

    微信服务号<br/>(同步网站)

    微信服务号
    (同步网站)

    微信视频号<br/>(视频分享)

    微信视频号
    (视频分享)

    CCF<br/>(扫码入会)

    CCF
    (扫码入会)

    Copyright © Editorial Department of Computer Research and Development

    Supported by: Beijing Renhe Information Technology Co., Ltd. Baidu Analytics

    /

    DownLoad:  Full-Size Img  PowerPoint
    Return
    Return