Computer Science ›› 2019, Vol. 46 ›› Issue (11A): 442-445.

• Information Security • Previous Articles     Next Articles

Custom User Anomaly Behavior Detection Based on Deep Neural Network

CHEN Sheng, ZHU Guo-sheng, QI Xiao-yun, LEI Long-fei, WU Shan-chao, WU Meng-yu   

  1. (School of Computer and Information Engineering,Hubei University,Wuhan 430062,China)
  • Online:2019-11-10 Published:2019-11-20

Abstract: In the network environment of big data,the method of detecting the abnormal behavior of the traditional user have the question that it can not meet the massive data detection requirements,can not respond to the constantly updated abnormal behavior and malware quickly and does not consider the user behavior management and other issues,so that the accuracy and stability of the abnormal detection is insufficient.Combining the technology of network traffic analysis,this paper proposed a custom model of the abnormal user behavior detection based on deep neural network,which realizes fine-grained analysis of network traffic and customizes user behavior management settings to make user anomaly detection more closely integrated with the needs of specific network environments.The data of network traffic analysis was used as the input vector of the deep neural network algorithm to realize massive data detection and custom user behavior management,and detect unknown abnormal behavior.The experimental results show that the proposed method has high accuracy and robustness,can effectively implement custom user behavior management,and solve the shortage of the traditional user anomalies.

Key words: Custom, Deep neural network, Network traffic, User anomalous behavior

CLC Number: 

  • TP181
[1]NGUYEN D T,JUNG J E.Real-time event detection for online behavioral analysis of big social data[J].Future Generation Computer Systems,2017,66:137-145.
[2]JIA Z,SHEN C,YI X,et al.Big-data analysis of multi-source logs for anomaly detection on network-based system[C]∥2017 13th IEEE Conference on Automation Science and Engineering (CASE).IEEE,2017:1136-1141.
[3]HABEEB R A A,NASARUDDIN F,GANI A,et al.Real-time big data processing for anomaly detection:A Survey[J].International Journal of Information Management,2018.
[4]HAMED T,ERNST J B,KREMER S C.A survey and taxonomy of classifiers of intrusion detection systems[M]∥Computer and network security essentials.Springer,Cham,2018:21-39.
[5]BINKLEY J R,Singh S.An Algorithm for Anomaly-based Botnet Detection[J].SRUTI,2006,6:7-7.
[6]GARCIA-TEODORO P,DIAZ-VERDEJO J,MACIÁ-FERNÁ-NDEZ G,et al.Anomaly-based network intrusion detection:Techniques,systems and challenges[J].computers & security,2009,28(1/2):18-28.
[7]ZHU M,YE K,XU C Z.Network Anomaly Detection and Identification Based on Deep Learning Methods[C]∥International Conference on Cloud Computing.Springer,Cham,2018:219-234.
[8]BUCZAK A L,GUVEN E.A survey of data mining and ma-chine learning methods for cyber security intrusion detection[J].IEEE Communications Surveys & Tutorials,2016,18(2):1153-1176.
[9]宋海涛,韦大伟,汤光明,等.基于模式挖掘的用户行为异常检测算法[J].小型微型计算机系统,2016,37(2):221-226.
[10]赵刚,姚兴仁.基于用户画像的异常行为检测模型[J].信息网络安全,2017(7):18-24.
[11]丁珊.基于深度学习的入侵检测关键技术研究[D].北京:北京交通大学,2018.
[12]QIAO Y,XING Z,FADLULLAH Z M,et al.CharacterizingFlow,Application,and User Behavior in Mobile Networks:A Framework for Mobile Big Data[J].IEEE Wireless Communications,2018,25(1):40-49.
[13]ALTHOFF T,JINDAL P,LESKOVEC J.Online actions with offline impact:How online social networks influence online and offline user behavior[C]∥Proceedings of the Tenth ACM International Conference on Web Search and Data Mining.ACM,2017:537-546.
[14]MILLER D J,WANG Y,KESIDIS G.Anomaly detection of attacks (ADA) on DNN classifiers at test time[C]∥2018 IEEE 28th International Workshop on Machine Learning for Signal Processing (MLSP).IEEE,2018:1-6.
[15]AMARASINGHE K,KENNEY K,MANIC M.Toward ex-plainable deep neural network based anomaly detection[C]∥2018 11th International Conference on Human System Interaction (HSI).IEEE,2018:311-317.
[16]KWON D,KIM H,KIM J,et al.A survey of deep learning-based network anomaly detection[J].Cluster Computing,2017:1-13.
[17]LÓPEZ A U,MATEO F,NAVíO-MARCO J,et al.Analysis of Computer User Behavior,Security Incidents and Fraud Using Self-Organizing Maps[J].Computers & Security,2019.
[18]The Bro Network Security Monitor[OL].http://www.bro.org.
[19]ALJAWARNEH S,ALDWAIRI M,YASSEIN M B.Anomaly-based intrusion detection system through feature selection analysis and building hybrid efficient model[J].Journal of Computational Science,2018,25:152-160.
[20]HE H,GARCIA E A.Learning from imbalanced data[J].IEEE Transactions on Knowledge and Data Engineering,2009,21(9):1263-1284.
[1] WANG Xin-tong, WANG Xuan, SUN Zhi-xin. Network Traffic Anomaly Detection Method Based on Multi-scale Memory Residual Network [J]. Computer Science, 2022, 49(8): 314-322.
[2] YANG Ya-hong, WANG Hai-rui. DDoS Attack Detection Method in SDN Environment Based on Renyi Entropy and BiGRU Algorithm [J]. Computer Science, 2022, 49(6A): 555-561.
[3] ZHANG Ji-lin, SHAO Yu-cao, REN Yong-jian, YUAN Jun-feng, WAN Jian, ZHOU Li. Dynamic Customization Model of Business Processes Supporting Multi-tenant [J]. Computer Science, 2022, 49(6A): 705-713.
[4] Ran WANG, Jiang-tian NIE, Yang ZHANG, Kun ZHU. Clustering-based Demand Response for Intelligent Energy Management in 6G-enabled Smart Grids [J]. Computer Science, 2022, 49(6): 44-54.
[5] WEI Hui, CHEN Ze-mao, ZHANG Li-qiang. Anomaly Detection Framework of System Call Trace Based on Sequence and Frequency Patterns [J]. Computer Science, 2022, 49(6): 350-355.
[6] JIAO Xiang, WEI Xiang-lin, XUE Yu, WANG Chao, DUAN Qiang. Automatic Modulation Recognition Based on Deep Learning [J]. Computer Science, 2022, 49(5): 266-278.
[7] GAO Jie, LIU Sha, HUANG Ze-qiang, ZHENG Tian-yu, LIU Xin, QI Feng-bin. Deep Neural Network Operator Acceleration Library Optimization Based on Domestic Many-core Processor [J]. Computer Science, 2022, 49(5): 355-362.
[8] FAN Hong-jie, LI Xue-dong, YE Song-tao. Aided Disease Diagnosis Method for EMR Semantic Analysis [J]. Computer Science, 2022, 49(1): 153-158.
[9] ZHOU Xin, LIU Shuo-di, PAN Wei, CHEN Yuan-yuan. Vehicle Color Recognition in Natural Traffic Scene [J]. Computer Science, 2021, 48(6A): 15-20.
[10] DOU Shuai, LI Zi-yang, ZHU Jia-jia, LI Xiao-hui, LI Xue-song, MI Lin, YANG Guang, LI Chuan-rong. Design and Implementation of Scientific Experiment Management System Based on jBPM [J]. Computer Science, 2021, 48(6A): 658-663.
[11] XIANG Chang-sheng, CHEN Zhi-gang. Chaotic Prediction Model of Network Traffic for Massive Data [J]. Computer Science, 2021, 48(5): 289-293.
[12] DU Shao-hua, WAN Huai-yu, WU Zhi-hao, LIN You-fang. Customs Commodity HS Code Classification Integrating Text Sequence and Graph Information [J]. Computer Science, 2021, 48(4): 97-103.
[13] LIU Dong, WANG Ye-fei, LIN Jian-ping, MA Hai-chuan, YANG Run-yu. Advances in End-to-End Optimized Image Compression Technologies [J]. Computer Science, 2021, 48(3): 1-8.
[14] PAN Yu, ZOU Jun-hua, WANG Shuai-hui, HU Gu-yu, PAN Zhi-song. Deep Community Detection Algorithm Based on Network Representation Learning [J]. Computer Science, 2021, 48(11A): 198-203.
[15] MA Lin, WANG Yun-xiao, ZHAO Li-na, HAN Xing-wang, NI Jin-chao, ZHANG Jie. Network Intrusion Detection System Based on Multi-model Ensemble [J]. Computer Science, 2021, 48(11A): 592-596.
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!