ABSTRACT Machine learning algorithms have been widely used in the field of intrusion detection, which effectively improves the detection effect. However, with changeable attack methods and the increasingly complex data, which may make detection inefficient. Therefore, in this paper, we propose an intrusion detection method which can effectively deal with many kinds of attack scenarios. Firstly, the data is preprocessed by data selection or transformation, numerical, normalization, k-classification, uniqueness and missing data processing, and then the RFSGA algorithm is formed by combining ReliefF, Relative Rough Set (RRS) and genetic algorithm (GA) for attribute reduction. The learning model is constructed by using the improved clustering method, in which we apply genetic algorithm for selecting the optimal super parameters of each cluster. Finally, we use KDDCUP99, CICIDS2017 and ADFA-LD to verify the performance of the proposed method. In terms of accuracy (acc), F1 value (f1) and the corresponding detection time (time), simulation results prove that the proposed method has obvious advantages in comparison with the algorithm before improvement and similar studies.
Read full abstract