Journal of Jilin University (Science Edition) ›› 2021, Vol. 59 ›› Issue (4): 936-942.


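Network Intrusion Detection Method Combining Semi-supervised Technology and Active Learning

ZENG Hongzhi, SHI Hongsong

  1. College of Intelligence Manufacturing Engineering, Jiangxi University of Engineering, Xinyu 338000, Jiangxi, China
  • Received: 2020-06-09 Publication date: 2021-07-26 Release date: 2021-07-26
  • Corresponding author: SHI Hongsong E-mail: 36581626@qq.com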

Network Intrusion Detection Method Based on Combination of Semi-supervised Technology and Active Learning

ZENG Hongzhi, SHI Hongsong   

  1. College of Intelligence Manufacturing Engineering, Jiangxi University of Engineering, Xinyu 338000, Jiangxi Province, China
  • Received: 2020-06-09 Online: 2021-07-26 Published: 2021-07-26

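Abstract: Current network intrusions are diverse and changeable, and a single method can hardly achieve ideal network intrusion detection results. To improve the accuracy of network intrusion detection and effectively intercept all kinds of network intrusion, a network intrusion detection method that combines semi-supervised technology with active learning is proposed. First, network intrusion data are collected, network intrusion features are extracted, and semi-supervised technology is used to cluster the network intrusion data according to those features. Second, an active learning algorithm is used to train on the clustered data and construct the classifier for network intrusion detection, and the ant colony algorithm is introduced to optimize the constructed classifier. Finally, a standard data set is used to run simulation tests on the network intrusion detection method. The test results show that the method resolves the defects of current intrusion detection methods and improves the accuracy of network intrusion detection; its missed detection rate and false detection rate are clearly lower than those of classical network intrusion detection methods; it also shortens network intrusion detection time, improves network intrusion detection efficiency, and better ensures the security of network communication and data transmission.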

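Key words: network intrusion, semi-supervised technology, active learning algorithm, data clustering processing, classifier parameter optimization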

Abstract: Current network intrusions are diverse and variable, and it is difficult to obtain ideal network intrusion detection results with a single method. In order to improve the accuracy of network intrusion detection and effectively intercept all kinds of network intrusion, we proposed a network intrusion detection method based on a combination of semi-supervised technology and active learning. Firstly, the network intrusion data were collected, the network intrusion features were extracted, and the semi-supervised technology was used to cluster the network intrusion data according to the features. Secondly, the active learning algorithm was used to train on the clustered data, the classifier for network intrusion detection was constructed, and the ant colony algorithm was introduced to optimize the classifier. Finally, the standard data set was used to simulate and test the network intrusion detection method. The test results show that this method solves the defects of the current intrusion detection methods and improves the accuracy of network intrusion detection, and that its missed detection rate and false detection rate are significantly lower than those of the classical network intrusion detection methods. At the same time, it shortens the network intrusion detection time, improves the efficiency of network intrusion detection, and can better ensure the security of network communication and data transmission.

Key words: network intrusion, semi-supervised technology, active learning algorithm, data clustering, classifier parameter optimization

CLC number:

  • TP393