In order to solve the problem which includes the difficulties of network intrusion detection, redundancy of network intrusion character, difficulties for feature matching, a network intrusion detection method based on improved ACBM algorithm is proposed in this article. The improved ACBM algorithm is used to achieve matching module, which add the filtering function for module improvement. The distribution characteristics of stability and the use of the bifurcated binary tree model is used to complete the feature classification. In the stable feature, the inter-class distance is used as the classification method of support vector machine, which has strong ability of generalization as well as high identification accuracy, and has the application foreground detection. Finally, the superiority of the proposed method is proved through the data in KDDCup99 database. It shows that the proposed network intrusion detection method by experiment, which combines the ACBM algorithm and the classification mechanism, has a better accuracy than LSSVM and SVM, and it is proved that  this method is very suitable for network intrusion detection under complex features environment.

DOI : http://dx.doi.org/10.11591/telkomnika.v12i4.4246