跳到主要內容

臺灣博碩士論文加值系統

(44.200.194.255) 您好!臺灣時間:2024/07/19 04:50
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

: 
twitterline
研究生:戴佳樺
研究生(外文):TAI,CHIA-HUA
論文名稱:探索Content特徵對網路入侵偵測的影響:以NSL KDD資料集為基礎的特徵集機器學習方法評估
論文名稱(外文):Exploring the Impact of Content Features on Network Intrusion Detection: An Evaluation of Feature Set Machine Learning Methods Based on the NSL-KDD Dataset
指導教授:洪國銘洪國銘引用關係
指導教授(外文):HUNG,KUO-MING
口試委員:陳慶逸劉鎮豪洪國銘
口試委員(外文):CHEN, CHING-YILIU, CHEN-HAOHUNG,KUO-MING
口試日期:2024-06-30
學位類別:碩士
校院名稱:開南大學
系所名稱:資訊學院碩士在職專班
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:2024
畢業學年度:112
語文別:中文
論文頁數:59
中文關鍵詞:入侵偵測系統機器學習特徵篩選遞迴特徵消除法網路安全
外文關鍵詞:Intrusion Detection SystemMachine LearningFeature SelectionRecursive Feature EliminationNetwork Security
相關次數:
  • 被引用被引用:0
  • 點閱點閱:22
  • 評分評分:
  • 下載下載:0
  • 收藏至我的研究室書目清單書目收藏:0
網路安全問題日益複雜化,惡意攻擊行為層出不窮。入侵偵測系統(Intrusion Detection System, IDS)為網路安全防護的重要手段之一,不同方法檢測網路中的異常行為,防範潛在攻擊。本文探索Content特徵中不同特徵組合對隨機森林(Random Forest)和支持向量機(Support Vector Machine)演算法的影響。NSL-KDD資料集是KDD 99資料集的改進版本,重複性低,更能突出各特徵對演算法結果的影響,首先對NSL-KDD資料集進行正規化處理,確保各特徵數據的一致性,再選用遞迴特徵消除法(Recursive Feature Elimination, RFE)對Content特徵進行篩選和測試,評估其對隨機森林和支持向量機演算法性能的影響。實驗結果表明,Content特徵在隨機森林和支持向量機演算法中的貢獻度不同,通過對比分析未添加Content特徵時的測試準確率與添加後的變化。
The increasing complexity of network security issues and the proliferation of malicious attacks have made intrusion detection systems (IDS) a crucial means of network security protection. IDS employs different methods to detect abnormal behavior in the network and prevent potential attacks. This paper explores the impact of different feature combinations in Content features on the Random Forest and Support Vector Machine (SVM) algorithms. The NSL-KDD dataset, an improved version of the KDD 99 dataset, has low redundancy and better highlights the influence of each feature on the algorithm results. First, the NSL-KDD dataset is normalized to ensure the consistency of feature data, then the Recursive Feature Elimination (RFE) method is used to select and test the Content features, evaluating their impact on the performance of the Random Forest and SVM algorithms. The experimental results show that the contribution of Content features differs between the Random Forest and SVM algorithms. By comparing and analyzing the test accuracy before and after adding Content features, we can assess their influence.
目錄 ....................................................................................... ii
圖目錄 ...................................................................................... iii
表目錄 ...................................................................................... iv
摘要 ...................................................................................... vi
Abstract ..................................................................................... vii
第一章 緒論 ............................................................................... 1
第一節 研究背景 ................................................................... 1
第二節 研究動機 ................................................................... 2
第三節 研究目的 ................................................................... 2
第二章 文獻探討 ....................................................................... 5
第一節 文獻探討 ................................................................... 5
第二節 NSL KDD資料集攻擊類別 .................................. 13
第三節 本文採用演算法 ..................................................... 16
第三章 研究方法 ..................................................................... 19
iii
第一節 研究方法 ................................................................. 19
第二節 IDS入侵偵測系統常見偵測手法 ......................... 24
第三節 IDS入侵偵測系統佈署方式 ................................. 26
第四節 IDS偵測系統-CIDF架構偵測及佈署 ............... 31
第五節 事件分析器的應用-機器學習演算法 ................. 33
第六節 實驗架構 ................................................................. 38
第四章 實驗結果 ..................................................................... 42
第一節 隨機森林特徵重要性 ............................................. 44
第二節 RFE特徵篩選及測試 ............................................ 46
第五章 結論 ............................................................................. 49
參考文獻 .................................................................................... 50
[1]
"KDD Cup 1999 Data," University of California, Irvine, [Online]. Available: https://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html.
[2]
B. Efron, "Bootstrap Methods- Another Look at the Jackknife," The Annals of Statistics, pp. 1-26, 1 1979.
[3]
L. Breiman, "Bagging Predictors," University of California, Berkeley, 1994.
[4]
J. N. Morgan and J. A. Sonquist, "Problems in the Analysis of Survey Data, and a Proposal," ournal of the American Statistical Association, vol. 58, no. 302, pp. 415-434, 1963.
[5]
E. B. Hunt, J. Marin and P. J. Stone, Experiments in Induction, Academic Press, 1966.
[6]
R. J. Quinlan, Discovering Rules by Induction from Large Collections of Examples, Expert Systems in the Micro Electronic Age, Edinburgh University Press, 1979.
[7]
L. Breiman, J. Friedman, C. J. Stone and R. Olshen, Classification and Regression Trees, Taylor & Francis, 1984.
51
[8]
T. K. Ho, "Random Decision Forests," in Proceedings of 3rd International Conference on Document Analysis and Recognition, Montreal, QC, Canada, 1995.
[9]
L. Breiman, "Random Forests," Machine Learning, pp. 5-32, 10 2001.
[10]
Z. A. T. a. R. Mazumder, "A Novel Feature Selection Technique for Intrusion Detection System Using RF-RFE and Bio-inspired Optimization," in Proceedings of the 2023 Conference on Information and Systems Security (CISS), Baltimore, MD, 2023.
[11]
V. N. Vapnik and A. Y. Chervonenkis, "On a perceptron class," Avtomat. i Telemekh., pp. 112-120, 1964.
[12]
B. E. Boser, I. M. Guyon and V. N. Vapnik, "A Training Algorithm for Optimal Margin Classifiers," in COLT '92: Proceedings of the Fifth Annual Workshop on Computational Learning Theory, Pittsburgh Pennsylvania USA, 1992.
[13]
C. Cortes and V. Vapnik, "Support-Vector Networks," Machine Learning, pp. 273-297, 9 1995.
[14]
E. Osuna, R. Freund and F. Girosi, "An Improved Training Algorithm for Support Vector Machines," in IEEE Neural Networks for
52
Signal Processing (NNSP'97), Amelia Island, FL, USA, 1997.
[15]
J. C. Platt, "Sequential Minimal Optimization: A Fast Algorithm for Training Support Vector Machines," Microsoft Research, 1998.
[16]
M. A. a. K. A. Kumar, "GOSVM: Gannet optimization based support vector machine for malicious attack detection in cloud environment," International Journal of Information Technology, vol. 15, pp. 1653-1660, 2023.
[17]
L. C. Shītáodémàiěr and K. Àomǔlín, "Feature Set Reduction for Automatic Network Intrusion Detection with Machine Learning Algorithms," in South African Telecommunication Networks and Applications, At: Swaziland, 2009.
[18]
L. C. Shītáodémàiěr and K. Àomǔlín, "Extracting salient features for network intrusion detection using machine learning methods," South African Computer Journal, vol. 52, 2014.
[19]
S. T. B. a. S. D. Staniford-Chen, "The Common Intrusion Detection Framework (CIDF)," in Information Survivability Workshop, Orlando, Florida, 1998.
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top
無相關期刊