信息网络安全 ›› 2018, Vol. 18 ›› Issue (9): 102-105.doi: 10.3969/j.issn.1671-1122.2018.09.016

• • 上一篇    下一篇

基于Xgboost算法的网络入侵检测研究

张阳, 姚原岗   

  1. 中国信息安全测评中心,北京 100085
  • 收稿日期:2018-07-17 出版日期:2018-09-30 发布日期:2020-05-11
  • 作者简介:

    作者简介:张阳(1994—),男,河南,助理研究员,硕士,主要研究方向为人工智能、机器学习和网络安全;姚原岗(1983—),男,山东,副研究员,博士,主要研究方向为安全数据分析。

  • 基金资助:
    国家自然科学联合基金 [U1536118]

Research on Network Intrusion Detection Based on Xgboost

Yang ZHANG, Yuangang YAO   

  1. China Information Technology Security Evaluation Center, Beijing 100085 China
  • Received:2018-07-17 Online:2018-09-30 Published:2020-05-11

摘要:

机器学习在网络入侵检测中的应用已经受到各界广泛关注,应用的算法主要是决策树、随机森林、logit、KNN等机器学习模型,这些算法发布时间较长、应用成熟、发掘潜力有限。Xgboost算法推出时间相对较晚,在网络入侵检测中的研究较少。文章以此为研究对象,基于入侵检测数据集KDD 99,使用logit、KNN、决策树、随机森林、Xgboost等机器学习模型分别进行5折交叉验证,计算和比较这些算法的识别效果。试验结果表明,同已有的机器学习算法相比,Xgboost算法在各种入侵检测中均有优异的表现,算法在网络入侵检测领域有较大的发展空间。

关键词: Xgboost, 机器学习, 入侵检测

Abstract:

The application of machine learning in network intrusion detection has attracted wide attention, and the main algorithms used are decision tree, random forest, logistic regression, KNN (K-Nearest Neighbor) and other machine learning models. These algorithms are long published, mature and have limited potential. Xgboost (eXtreme Gradient Boosting) algorithm is relatively new, and has less research in network intrusion detection. Based on intrusion detection data set KDD 99, this paper uses logit, KNN, decision tree, random forest and Xgboost to perform 5 fold cross validation, calculates and compares recognition effects of these algorithms. The test results show that Xgboost algorithm has excellent performance in intrusion detection compared with the existing machine learning algorithms, and has a large space for development in the field of network intrusion detection.

Key words: Xgboost, machine learning, intrusion detection

中图分类号: