{"title":"基于隔离林和fp生长的入侵检测研究与改进","authors":"Yan-sen Zhou, Jianquan Cui, Qi Liu","doi":"10.1109/ICCSNT50940.2020.9304988","DOIUrl":null,"url":null,"abstract":"The current anomaly intrusion detection system has shortcomings such as low detection rate, high false alarm rate and poor performance in processing large amounts of data. In response to the above problems, some improvement measures are put forward for the isolated forest algorithm and the FP-Growth algorithm. The improved isolated forest algorithm considers the correlation between dimensions and makes the dimension division more reasonable for abnormal analysis. The improved FP growth algorithm reduces the time of processing a large amount of data, used for correlation analysis of abnormal data. Applying the above two improved algorithms to intrusion detection can further improve the anomaly detection performance. The results show that the false alarm rate of the joint improved algorithm is relatively reduced by 25%, and the overall detection rate is 96.24%.","PeriodicalId":6794,"journal":{"name":"2020 IEEE 8th International Conference on Computer Science and Network Technology (ICCSNT)","volume":"38 1","pages":"160-164"},"PeriodicalIF":0.0000,"publicationDate":"2020-11-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Research and Improvement of Intrusion Detection Based on Isolated Forest and FP-Growth\",\"authors\":\"Yan-sen Zhou, Jianquan Cui, Qi Liu\",\"doi\":\"10.1109/ICCSNT50940.2020.9304988\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The current anomaly intrusion detection system has shortcomings such as low detection rate, high false alarm rate and poor performance in processing large amounts of data. In response to the above problems, some improvement measures are put forward for the isolated forest algorithm and the FP-Growth algorithm. The improved isolated forest algorithm considers the correlation between dimensions and makes the dimension division more reasonable for abnormal analysis. The improved FP growth algorithm reduces the time of processing a large amount of data, used for correlation analysis of abnormal data. Applying the above two improved algorithms to intrusion detection can further improve the anomaly detection performance. The results show that the false alarm rate of the joint improved algorithm is relatively reduced by 25%, and the overall detection rate is 96.24%.\",\"PeriodicalId\":6794,\"journal\":{\"name\":\"2020 IEEE 8th International Conference on Computer Science and Network Technology (ICCSNT)\",\"volume\":\"38 1\",\"pages\":\"160-164\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-11-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2020 IEEE 8th International Conference on Computer Science and Network Technology (ICCSNT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICCSNT50940.2020.9304988\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 IEEE 8th International Conference on Computer Science and Network Technology (ICCSNT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCSNT50940.2020.9304988","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Research and Improvement of Intrusion Detection Based on Isolated Forest and FP-Growth
The current anomaly intrusion detection system has shortcomings such as low detection rate, high false alarm rate and poor performance in processing large amounts of data. In response to the above problems, some improvement measures are put forward for the isolated forest algorithm and the FP-Growth algorithm. The improved isolated forest algorithm considers the correlation between dimensions and makes the dimension division more reasonable for abnormal analysis. The improved FP growth algorithm reduces the time of processing a large amount of data, used for correlation analysis of abnormal data. Applying the above two improved algorithms to intrusion detection can further improve the anomaly detection performance. The results show that the false alarm rate of the joint improved algorithm is relatively reduced by 25%, and the overall detection rate is 96.24%.