基于神经网络的实时入侵检测系统的研究和实现

根据TCP/IP协议族攻击的特征,提出在传输层上将捕获的数据包分成三类(UDP、TCP和ICMP)分别进行编码并输入到三个不同的神经网络中训练、检测。根据以上思想设计并实现了一个基于BP神经网络的实时入侵检测系统的原型。该原型系统具有通用性和可扩展性,能够根据需要灵活调整网络结构和训练参数,可以发展为更精确的网络入侵检测系统。最后给出了实验设计及其结果,证明了文中对数据包分类处理的方法既能减少网络训练的次数,又能提高网络检测的精度。

Instant intrusion detection system based on neural network

According to the characteristics of the attacks against TCP/IP protocol,transferring layer data packets can be classified into three types(namely UDP,TCP and ICMP) and handled respectively.The three types of packets are used as input to train and formulate different neural networks for intrusion detection.With the proposed method,a novel instant intrusion detection system is designed and achieved.The system has favorable usability,extensibility and the parameters of the network structure can be flexibly adjusted to achieve satisfactory detection performance.Experimental results prove that disposing data packets respectively can reduce the time of neural network training and improve the accuracy of network intrusion detection.