| Summary: | 碩士 === 國立臺灣大學 === 電機工程學研究所 === 105 === As the Internet technology advances, the modern network traffic is different from the past. Our study is aimed at the contemporary network intrusion detection dataset. By constructing a hybrid intrusion detection system to detect network anomalies, we propose using a feature discretization method and a cluster analysis algorithm to separate the training samples into two groups, the normal group and the anomaly group and then the new classification model is built to improve the performance of the anomaly group classification. The feature discretization method considers the interdependence between features and labels. Class information is added into the attributes to enhance the clustering results. For the anomaly group, several representative features are selected to construct classification model to improve the overall classification performance. Two efficient machine learning algorithms, the Decision Tree algorithm and the Bayesian Network algorithm, are adopted in our experiment. The experiment results show that our method can increase both the normal and anomaly detection rate, precision and accuracy. For the classification of new types of modern attacks, our approach also can improve the overall accuracy.
|
|---|
