Three-Branch Random Forest Intrusion Detection Model
Network intrusion detection has the problems of large amounts of data, numerous attributes, and different levels of importance for each attribute in detection. However, in random forests, the detection results have large deviations due to the random selection of attributes. Therefore, aiming at the...
Main Authors: | , , , , |
---|---|
Format: | Article |
Language: | English |
Published: |
MDPI AG
2022-11-01
|
Series: | Mathematics |
Subjects: | |
Online Access: | https://www.mdpi.com/2227-7390/10/23/4460 |
_version_ | 1797462734473789440 |
---|---|
author | Chunying Zhang Wenjie Wang Lu Liu Jing Ren Liya Wang |
author_facet | Chunying Zhang Wenjie Wang Lu Liu Jing Ren Liya Wang |
author_sort | Chunying Zhang |
collection | DOAJ |
description | Network intrusion detection has the problems of large amounts of data, numerous attributes, and different levels of importance for each attribute in detection. However, in random forests, the detection results have large deviations due to the random selection of attributes. Therefore, aiming at the current problems, considering increasing the probability of essential features being selected, a network intrusion detection model based on three-way selected random forest (IDTSRF) is proposed, which integrates three decision branches and random forest. Firstly, according to the characteristics of attributes, it is proposed to evaluate the importance of attributes by combining decision boundary entropy, and using three decision rules to divide attributes; secondly, to keep the randomness of attributes, three attribute random selection rules based on attribute randomness are established, and a certain number of attributes are randomly selected from three candidate fields according to conditions; finally, the training sample set is formed by using autonomous sampling method to select samples and combining three randomly selected attribute sets randomly, and multiple decision trees are trained to form a random forest. The experimental results show that the model has high precision and recall. |
first_indexed | 2024-03-09T17:40:52Z |
format | Article |
id | doaj.art-9d69c9826936411e83fb4395bdfca84b |
institution | Directory Open Access Journal |
issn | 2227-7390 |
language | English |
last_indexed | 2024-03-09T17:40:52Z |
publishDate | 2022-11-01 |
publisher | MDPI AG |
record_format | Article |
series | Mathematics |
spelling | doaj.art-9d69c9826936411e83fb4395bdfca84b2023-11-24T11:33:57ZengMDPI AGMathematics2227-73902022-11-011023446010.3390/math10234460Three-Branch Random Forest Intrusion Detection ModelChunying Zhang0Wenjie Wang1Lu Liu2Jing Ren3Liya Wang4College of Science, North China University of Science and Technology, Tangshan 063210, ChinaCollege of Science, North China University of Science and Technology, Tangshan 063210, ChinaCollege of Science, North China University of Science and Technology, Tangshan 063210, ChinaCollege of Science, North China University of Science and Technology, Tangshan 063210, ChinaCollege of Science, North China University of Science and Technology, Tangshan 063210, ChinaNetwork intrusion detection has the problems of large amounts of data, numerous attributes, and different levels of importance for each attribute in detection. However, in random forests, the detection results have large deviations due to the random selection of attributes. Therefore, aiming at the current problems, considering increasing the probability of essential features being selected, a network intrusion detection model based on three-way selected random forest (IDTSRF) is proposed, which integrates three decision branches and random forest. Firstly, according to the characteristics of attributes, it is proposed to evaluate the importance of attributes by combining decision boundary entropy, and using three decision rules to divide attributes; secondly, to keep the randomness of attributes, three attribute random selection rules based on attribute randomness are established, and a certain number of attributes are randomly selected from three candidate fields according to conditions; finally, the training sample set is formed by using autonomous sampling method to select samples and combining three randomly selected attribute sets randomly, and multiple decision trees are trained to form a random forest. The experimental results show that the model has high precision and recall.https://www.mdpi.com/2227-7390/10/23/4460intrusion detectionattribute importancedecision boundary entropythree-way decisionrandom forest |
spellingShingle | Chunying Zhang Wenjie Wang Lu Liu Jing Ren Liya Wang Three-Branch Random Forest Intrusion Detection Model Mathematics intrusion detection attribute importance decision boundary entropy three-way decision random forest |
title | Three-Branch Random Forest Intrusion Detection Model |
title_full | Three-Branch Random Forest Intrusion Detection Model |
title_fullStr | Three-Branch Random Forest Intrusion Detection Model |
title_full_unstemmed | Three-Branch Random Forest Intrusion Detection Model |
title_short | Three-Branch Random Forest Intrusion Detection Model |
title_sort | three branch random forest intrusion detection model |
topic | intrusion detection attribute importance decision boundary entropy three-way decision random forest |
url | https://www.mdpi.com/2227-7390/10/23/4460 |
work_keys_str_mv | AT chunyingzhang threebranchrandomforestintrusiondetectionmodel AT wenjiewang threebranchrandomforestintrusiondetectionmodel AT luliu threebranchrandomforestintrusiondetectionmodel AT jingren threebranchrandomforestintrusiondetectionmodel AT liyawang threebranchrandomforestintrusiondetectionmodel |