Computer Science ›› 2021, Vol. 48 ›› Issue (9): 345-351. doi: 10.11896/jsjkx.200500059
• Information Security •
张师鹏, 李永忠
ZHANG Shi-peng, LI Yong-zhong
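Abstract: Intrusion detection plays a vital role in computer network security defense and is one of the key technologies of network security. As network environments grow more complex, network intrusions have become increasingly diverse and intelligent, and increasingly difficult to detect. For these reasons, there are concerns about the feasibility and sustainability of existing intrusion detection methods: specifically, existing intrusion detection algorithms struggle to abstract the features of intrusion behavior well, and most existing methods perform poorly on unknown attacks. To address these problems, this paper proposes DAE-3WD, an intrusion detection algorithm based on denoising autoencoders and three-way decisions. The method uses a denoising autoencoder to extract features from high-dimensional data and applies feature extraction repeatedly to construct a multi-granularity feature space. Then, based on three-way decision theory, it makes an immediate decision for behavior that belongs to intrusion or normal, while behavior that is suspected intrusion or suspected normal is analyzed further using features of different granularity. Deep learning has superior hierarchical feature learning ability, and three-way decisions can avoid the risk of blind classification caused by insufficient information; the method uses these properties to improve intrusion detection performance. Experiments on the NSL-KDD dataset show that the proposed algorithm extracts meaningful features and effectively improves the performance of intrusion detection.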
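The immediate-decision and deferral logic described in the abstract, as an added example that is not code from the paper or its authors. It assumes the standard decision-theoretic formulation of three-way decisions, in which the thresholds follow from a loss table; the loss values, the record names and the per-level scores are constructed, and the scores stand in for classifiers trained on each denoising-autoencoder feature level, which the abstract does not detail.

```python
"""Added example: sequential three-way decisions over multi-granularity scores.
Loss values and per-level scores are constructed for illustration."""
from typing import NamedTuple, Sequence, Tuple

class Losses(NamedTuple):
    pp: float   # flag as intrusion, record is an intrusion
    bp: float   # defer,             record is an intrusion
    np_: float  # pass as normal,    record is an intrusion (missed attack)
    pn: float   # flag as intrusion, record is normal (false alarm)
    bn: float   # defer,             record is normal
    nn: float   # pass as normal,    record is normal

def thresholds(l: Losses) -> Tuple[float, float, float]:
    """Minimum-risk thresholds: alpha and beta bound the deferral region,
    gamma is the two-way cut used when no finer level is left."""
    alpha = (l.pn - l.bn) / ((l.pn - l.bn) + (l.bp - l.pp))
    beta = (l.bn - l.nn) / ((l.bn - l.nn) + (l.np_ - l.bp))
    gamma = (l.pn - l.nn) / ((l.pn - l.nn) + (l.np_ - l.pp))
    if not 0.0 <= beta < gamma < alpha <= 1.0:
        raise ValueError("losses leave no deferral region")
    return alpha, beta, gamma

def sequential_decide(level_probs: Sequence[float], l: Losses) -> Tuple[str, int]:
    """level_probs[i] is the estimated P(intrusion) at granularity level i,
    coarse to fine. Returns (label, index of the level that decided)."""
    alpha, beta, gamma = thresholds(l)
    last = len(level_probs) - 1
    for i, p in enumerate(level_probs):
        if p >= alpha:
            return "intrusion", i
        if p <= beta:
            return "normal", i
        if i == last:  # nothing finer to consult: forced two-way decision
            return ("intrusion" if p >= gamma else "normal"), i
    raise ValueError("level_probs is empty")

LOSSES = Losses(pp=0, bp=2, np_=10, pn=4, bn=1, nn=0)  # constructed costs
SAMPLE = {  # constructed scores, one list per connection record
    "r1": [0.95, 0.97, 0.99],
    "r2": [0.05, 0.03, 0.01],
    "r3": [0.40, 0.70, 0.90],
    "r4": [0.30, 0.45, 0.35],
    "r5": [0.30, 0.20, 0.15],
}

def classify_all():
    return {rid: sequential_decide(p, LOSSES) for rid, p in SAMPLE.items()}

if __name__ == "__main__":
    for rid, (label, level) in classify_all().items():
        print(rid, label, "decided at level", level)
```

Because a missed attack is priced higher than a false alarm in the constructed loss table, a record that stays ambiguous through the finest level (`r4`) is resolved as an intrusion even though its score is below 0.5.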