With the rapid increase and complexity of IPv6 network traffic, the traditional intrusion detection system Snort detects DoS attacks based on specific rules, which reduces the detection performance of IDS. To solve the DoS intrusion detection problem in the IPv6 network environment, the lightweight KNN optimization algorithm in machine learning is adopted. First, the double dimensionality reduction of features is achieved through the information gain rate, and discrete features with more subfeatures are selected and aggregated to further dimensionality reduction and feature dimension of the actual operation. Secondly, the information gain rate is used as the weight to optimize the sample Euclidean distance measurement. Based on the proposed measure of the reverse distance influence, the classification decision algorithm of the KNN algorithm is optimized to make the detection technology better. The effect is further improved. The experimental results show that the traditional TAD‐KNN algorithm based on average distance and the GR‐KNN algorithm that only optimizes the distance definition, the GR‐AD‐KNN algorithm can not only improve the overall detection performance in the detection of IPv6 network traffic characteristics but also for small groups of samples. As a result, classification has better detection results.
Read full abstract