A Multi-Fold Self-Correction Small-Sample Classifier for Intrusion Detection

Intrusion detection is very important for network security. Traditional intrusion detection algorithms are often affected by biased training samples and misleading characteristics of attack behaviors. Therefore, a self-correction small sample classifier for intrusion detection is proposed. First, an orthogonal projection classification method roughly divides training data set into three groups. Then, based on support vector machine and random forest algorithm, sub-classifiers are constructed layer by layer to refine the results iteratively. Finally, by combining results of all sub-classifiers, a classifier for the NSL-KDD data set is constructed. Experimental results show that the proposed classifier surpasses its competitors in the detection accuracy of DoS (Denial of Service), Probe and R2L (Remote to Local). The overall recall and accuracy rates are better than others.