Abstract
Aming at the problem that the basic model has unstable performance in different network dataset, and the ensemble model will greatly increase the training time and testing time while improving the accuracy. This paper proposes a new intrusion detection model based on improved extreme trees. Firstly, this paper uses the feature selection to improve computing efficiency. And in order to improve the accuracy and adaptability, bagging is used to improve the extreme trees model and integrated the improved extreme trees and the Quadratic Discriminant Analysis in a maximization manner to obtain the learning results. Experiments on the KDDCUP99 dataset and UNSW-NB15 dataset verify that the training time and testing time of the new model is much shorter than the training and testing time and higher accuracy of the GBDT model. The training time and testing time of GBDT on the UNSW-NB15 dataset is 3.68 times that of the new model, and the accuracy rate is 2.27% higher than the GBDT model. In addition, the Fuzzers and Shellcode attacks in the UNSW-NB15 dataset were extracted and tested separately, which verified that the new model has excellent adaptability in various types of attack detection. Finally, the new model is combined with a blacklist mechanism and detection rules and applied to anomaly detection systems.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
