摘要
针对当前网络入侵检测技术由于特征冗余引起的检测效率低和准确率低等问题,将一种融合杜鹃搜索的灰狼优化算法应用于网络入侵检测的特征选择中,旨在减少特征冗余,进而提高网络入侵检测的性能。首先,在每次迭代过程中采用杜鹃搜索算法中的莱维飞行机制对适应度值最好的3只灰狼的位置进行扰动,避免在搜索最优解的过程中陷入局部最优。然后,采用灰狼优化算法的更新机制来更新灰狼的位置信息,使狼群朝着猎物的方向聚集。最后,根据预先设定的概率值对狼群的位置进行随机更新,迫使狼群在不断逼近猎物的过程中,能随机地跳出局部最优,从而提高灰狼优化算法在网络入侵检测特征选择中的全局搜索能力。使用网络入侵检测NSL-KDD测试集进行验证实验,并与灰狼优化算法、杜鹃优化算法以及传统的信息增益算法从特征选择的角度进行对比,结果表明,将融合杜鹃搜索的灰狼优化算法应用于网络入侵检测的特征选择时,分类准确率及特征子集的选择都取得较好的效果。融合杜鹃搜索的灰狼优化算法在全局搜索能力方面有较为显著的提升,将其应用于特征选择中,可以有效地提高网络入侵检测的性能。
In order to solve the problem of low detection efficiency and low accuracy caused by feature redundancy in current network intrusion detection technology,an improved Grey Wolf Optimizer algorithm integrated with Cuckoo Search was applied to feature selection for network intrusion detection,which aimed at reducing the feature redundancy and improving the performance of network intrusion detection.First,the Levy flight mechanism in the Cuckoo Search algorithm was adopted to disturb the position of three grey wolves with the best fitness values,which avoided the local optimum in the process of searching the optimal solution.Then,the updating mechanism of the Grey Wolf Optimizer algorithm was utilized to update the location information of grey wolves,ensuing these wolves could gather in the direction of their prey.Finally,the location of the grey wolf group was randomly updated according to the predetermined probability value.Hence,the grey wolf group could randomly jump out of the local optimum in the process of continuous approximation of the prey,which improved the global-search ability of the Grey Wolf Optimizer algorithm in feature selection for network intrusion detection.The NSL-KDD dataset in network intrusion detection was used for the verification,and the Grey Wolf Optimizer algorithm,the Cuckoo Search algorithm and the traditional Information Gain algorithm were compared in the experiments from the viewpoint of feature selection.The experimental results showed that,when applying the improved Grey Wolf Optimizer algorithm integrated with Cuckoo Search to feature selection for network intrusion detection,it could achieve good results in both the classification accuracy and the selection of feature subsets.In summary,the improved Grey Wolf Optimizer algorithm integrated with Cuckoo Search had a relatively significant improvement in the ability of global search,and its application in feature selection could effectively improve the per-formance of network intrusion detection.
作者
徐慧
付迎春
刘翔
方策
苏军
XU Hui;FU Yingchun;LIU Xiang;FANG Ce;SU Jun(School of Computer Sci.,Hubei Univ.of Technol.,Wuhan 430068,China)
出处
《工程科学与技术》
EI
CAS
CSCD
北大核心
2018年第5期160-166,共7页
Advanced Engineering Sciences
基金
国家自然科学基金资助项目(61602162
61440024)
关键词
网络入侵检测
特征选择
灰狼优化算法
杜鹃搜索算法
network intrusion detection
feature selection
Grey Wolf Optimizer algorithm
Cuckoo Search algorithm
