Computer Science ›› 2021, Vol. 48 ›› Issue (6): 324-331. doi: 10.11896/jsjkx.200400033
贾琳1, 杨超1,2,3, 宋玲玲1, 程镇1, 李琲珺1
JIA Lin1, YANG Chao1,2,3, SONG Ling-ling1, CHENG Zhen1 and LI Bei-jun1
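Abstract: The Negative Selection Algorithm (NSA), a typical algorithm of artificial immune systems, is widely used in intrusion detection. To address the low accuracy, high false alarm rate, and highly redundant detector sets that the traditional negative selection algorithm exhibits on intrusion detection problems, an improved negative selection algorithm is proposed and applied to intrusion detection. Its main idea is as follows: first, non-self antigens are clustered with the density peak clustering algorithm to generate a class of known detectors, which can detect known intrusion behavior; then outliers are defined and used preferentially as candidate detector centers to compute and generate unknown detectors, which can detect unknown intrusion behavior, thereby reducing the randomness of detector generation. In the experimental phase, accuracy (Accuracy, AC) and false alarm rate (False Alarm, FA) are chosen as the evaluation metrics. Simulation experiments were carried out on the KDDCUP99 and CSE-CIC-IDS2018 datasets; the results show that the proposed algorithm achieves a low false alarm rate and high accuracy on both datasets, which verifies that it has good detection performance.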
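The two detector-generation stages described in the abstract, as an added sketch that is not the authors' code. The function names, the sample points, the cutoff `dc`, the cluster count `k`, the self radius, the outlier rule (a non-self sample with no neighbour within `dc`), the nearest-centre cluster assignment, and the radius rule (grow until the self region is touched) are all assumptions, since the abstract does not give these details.

```python
import math

# Constructed 2-D samples (not from KDDCUP99 or CSE-CIC-IDS2018).
SELF = [(0.2, 0.2), (0.25, 0.2), (0.2, 0.3)]                    # normal traffic
NONSELF = [(0.8, 0.8), (0.82, 0.8), (0.8, 0.83), (0.78, 0.79),  # attack type A
           (0.8, 0.2), (0.83, 0.2), (0.8, 0.22),                # attack type B
           (0.2, 0.9)]                                          # isolated sample

def build_detectors(self_set, nonself, dc, k, self_radius):
    """Return (known, unknown) lists of (center, radius) detectors."""
    dist = math.dist
    # Largest radius at c that does not reach any self sample's hypersphere.
    def margin(c):
        return min(dist(c, s) for s in self_set) - self_radius
    # rho: number of other non-self samples closer than the cutoff distance dc.
    rho = [sum(dist(p, q) < dc for q in nonself) - 1 for p in nonself]
    # Assumption: an outlier is a non-self sample with no neighbour within dc.
    outliers = [p for p, r in zip(nonself, rho) if r == 0]
    dense = sorted(((r, p) for p, r in zip(nonself, rho) if r > 0),
                   key=lambda t: -t[0])
    # delta: distance to the nearest denser sample (ties broken by order);
    # the densest sample gets the maximum distance instead.
    scored = []
    for i, (r, p) in enumerate(dense):
        d = [dist(p, q) for _, q in dense[:i]] or [max(dist(p, q) for _, q in dense)]
        scored.append((r * min(d), p))
    # Cluster centres are the k samples with the largest rho * delta.
    centers = [p for _, p in sorted(scored, reverse=True)[:k]]
    # Known detectors: one per cluster, radius = farthest member, capped by margin.
    known = []
    for c in centers:
        members = [p for _, p in dense if min(centers, key=lambda m: dist(p, m)) == c]
        known.append((c, min(max(dist(c, p) for p in members), margin(c))))
    # Unknown detectors: outliers become centres, grown up to the self margin.
    unknown = [(o, margin(o)) for o in outliers if margin(o) > 0]
    return known, unknown

def is_intrusion(x, detectors):
    """A sample is flagged when it falls inside any detector hypersphere."""
    return any(math.dist(x, c) <= r for c, r in detectors)

if __name__ == "__main__":
    known, unknown = build_detectors(SELF, NONSELF, dc=0.1, k=2, self_radius=0.05)
    for x in [(0.81, 0.81), (0.25, 0.85), (0.2, 0.21)]:
        print(x, is_intrusion(x, known), is_intrusion(x, known + unknown))
```

On this constructed data the sample `(0.25, 0.85)` is missed by the known detectors alone and caught once the outlier-centred detector is added, while no self sample is flagged.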