Computer Science ›› 2021, Vol. 48 ›› Issue (12): 357-363. doi: 10.11896/jsjkx.201000086

• Information Security •

Anomaly Detection Algorithm Based on SSC-BP Neural Network

SHI Lin-shan1, MA Chuang2, YANG Yun3, JIN Min1

  1. 1 State Grid Chongqing Electric Power Company Information and Communication Branch, Chongqing 401123, China
    2 School of Software, Chongqing University of Posts and Telecommunications, Chongqing 400065, China
    3 State Grid Chongqing Electric Power Company, Chongqing 400010, China
  • Received: 2020-10-16 Revised: 2021-01-15 Online: 2021-12-15 Published: 2021-11-26
  • Corresponding author: MA Chuang (machuang@cqupt.edu.cn)
  • About author: SHI Lin-shan, born in 1993, bachelor, engineer. Her main research interests include Internet of Things, network security architecture and protection.
    MA Chuang, born in 1984, Ph.D, associate professor, is a member of China Computer Federation. His main research interests include complex network and machine learning.
  • Author e-mail: muyeandmuye@163.com
  • Supported by:
    Science and Technology Project of State Grid Corporation of China (2020 Yudian Technology 33#).

Abstract: The number and complexity of new network attacks in the Internet of Things environment keep rising, while traditional anomaly detection algorithms suffer from a high false alarm rate, a low detection rate, and computational difficulty caused by large data volumes. To address these problems, this paper proposes an anomaly detection algorithm that combines subspace clustering (SSC) with a BP neural network. First, different subspaces are obtained on the network data set with CLIQUE, the most commonly used subspace clustering algorithm. Second, BP neural network anomaly detection is carried out on the data in each subspace and the prediction error is calculated; by comparing it with the preset accuracy, the threshold is continually updated and corrected, which improves the ability to identify network attacks. The simulation experiments use the public NSL-KDD data set and a network attack data set from an Internet of Things environment. The NSL-KDD data set is divided into four single-attack subsets and one mixed-attack subset, and the model is compared with the K-means, DBSCAN, SSC-EA and K-KNN anomaly detection models. On the mixed-attack subset, the detection rate of the SSC-BP neural network model is 6% higher than that of the traditional K-means model, and the false detection rate is reduced by 0.2%. On the four single-attack subsets, the SSC-BP neural network model detects the most attacked networks with the lowest false detection rate. On the network attack data set from the Internet of Things environment, the SSC-BP neural network model outperforms the other compared models.

Key words: Anomaly detection, BP neural network, New network attack, Subspace clustering

CLC Number:

  • TP181