Intrusion detection system rule matching optimization method based on machine learning

An intrusion detection system and machine learning technology, applied in the field of robotic systems, can solve problems such as unstable performance, low detection performance, and huge rule base, and achieve the effects of improving processing performance, reducing the number of matches, and improving stability.

Pending Publication Date: 2021-04-06
JIANGSU FUTURE NETWORKS INNOVATION

AI Technical Summary

Problems solved by technology

[0014] (1) The rule base is huge, the intrusion detection system has many invalid matches, and the detection performance is low
[0015] (2) The performance of the intrusion detection system is unstable under different traffic scenarios

Examples


Embodiment 1

[0044] The specific implementation method is as follows:

[0045] Step 1: Network packets enter the intrusion detection system;

[0046] Step 2: The intrusion detection system generates a pre-matching rule sequence for the message rule;

[0047] Step 3: The machine learning prediction module obtains the machine learning data training set. If the machine learning data training set is empty, go to step 6;

[0048] Step 4: The machine learning prediction module calculates the hit probability of pre-matching rules according to the machine learning data training set;

[0049] Step 5: The rule sorting module sorts the pre-matching rules in real time in descending order of hit probability;

[0050] Step 6: The intrusion detection system traverses the pre-matching rules and packets for matching detection;

[0051] Step 7: The machine learning cycle building module collects the detection results of the intrusion detection system, and regularly builds the mach...
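The steps above, as an added Python sketch that is not code from the patent: it orders rules by predicted hit probability, falls back to the original order when the training set is empty, and counts match attempts against a static rule order. Assumptions: a Laplace-smoothed alert frequency stands in for the prediction model, which the page does not specify; traversal stops at the first hit; the rule IDs, patterns, traffic and the `rebuild_every` parameter are constructed for illustration.

```python
from collections import Counter

# Constructed rules (sid, byte pattern); not real signatures.
RULES = [(1001, b"alpha"), (1002, b"bravo"), (1003, b"charlie"), (1004, b"delta")]
# Constructed traffic, dominated by rule 1004, which is last in the static order.
PACKETS = [b"xx delta xx"] * 8 + [b"xx bravo xx"] * 2 + [b"benign"] * 2

def hit_probabilities(training_set, rule_ids):
    """Step 4: estimate P(hit) per rule from historical alerts.
    Assumption: smoothed frequency replaces the patent's unspecified model."""
    counts = Counter(training_set)
    total = len(training_set) + len(rule_ids)
    return {sid: (counts[sid] + 1) / total for sid in rule_ids}

def order_rules(rules, training_set):
    """Steps 3 and 5: keep the original order when the training set is empty,
    otherwise sort by descending hit probability (ties keep their order)."""
    if not training_set:
        return list(rules)
    probs = hit_probabilities(training_set, [sid for sid, _ in rules])
    return sorted(rules, key=lambda r: probs[r[0]], reverse=True)

def detect(packet, ordered_rules):
    """Step 6: traverse rules until the first hit; return (sid or None, attempts)."""
    for attempts, (sid, pattern) in enumerate(ordered_rules, start=1):
        if pattern in packet:
            return sid, attempts
    return None, len(ordered_rules)

def run(packets, rules, rebuild_every=4):
    """Steps 1-7 over a packet stream. Every `rebuild_every` packets the
    training set is rebuilt from the alerts seen since the last rebuild."""
    training_set, window, total_attempts = [], [], 0
    for i, packet in enumerate(packets, start=1):
        sid, attempts = detect(packet, order_rules(rules, training_set))
        total_attempts += attempts
        if sid is not None:
            window.append(sid)
        if i % rebuild_every == 0:  # Step 7: periodic rebuild
            training_set, window = window, []
    return total_attempts

def static_attempts(packets, rules):
    """Baseline: match attempts when the rule order never changes."""
    return sum(detect(p, rules)[1] for p in packets)
```

On this traffic the adaptive order needs fewer attempts overall, but benign packets still traverse every rule and a rule that is demoted (1002 here) costs more per hit than it did in the static order.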


Abstract

The invention provides a machine learning-based method for optimizing rule matching in an intrusion detection system. A machine learning period construction module continuously learns from the historical alarms of the intrusion detection system and periodically constructs a machine learning data training set. After a network message enters the second detection engine stage, the machine learning prediction module performs real-time prediction on the selected pre-matching rule sequence and outputs the hit probabilities for that sequence. The pre-matching rules are then inverse-sorted by hit probability, so that the intrusion detection system traverses the pre-matching rule with the highest hit probability first. The method can effectively reduce the number of invalid matches performed by the intrusion detection system, improve its performance, dynamically adjust its pre-matching rule sequence, and keep its efficiency stable across different traffic scenarios. Regularly updating the machine learning data set effectively improves the stability of the intrusion detection system in multi-traffic scenarios.

Description

Technical field

[0001] The invention relates to the field of robot systems, in particular to a machine learning-based intrusion detection system rule matching optimization method.

Background technique

[0002] An intrusion detection system ("IDS" for short) is a network security device that monitors network transmissions in real time, and sends an alarm or takes active response measures when suspicious transmissions are found.

[0003] An intrusion detection system is a group of computer programs that realize intrusion detection through misuse detection (Misuse Detection), anomaly detection (Anomaly Detection) or a combination of the two technologies.

[0004] Anomaly detection (Anomaly Detection) is a behavior-based intrusion detection system. It first summarizes the characteristics that normal operations should have. When user activities deviate significantly from normal behavior, it is considered an intrusion.

[0005] Misuse Detection is an intrusion detection system ba...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, G06N20/00
CPC: H04L63/1408, G06N20/00
Inventor: 张广兴, 廖志元
Owner: JIANGSU FUTURE NETWORKS INNOVATION