Computer Science ›› 2019, Vol. 46 ›› Issue (11A): 473-476.

• Information Security •

Study on Intrusion Detection Based on PCA-LSTM

GAO Zhong-shi¹, SU Yang¹,², LIU Yu-dong¹

  1. Key Laboratory for Network and Information Security of Chinese Armed Police Force, Engineering University of PAP, Xi'an 710086, China
  2. College of Cryptographic Engineering, Engineering College of PAP, Xi'an 710086, China
  • Online: 2019-11-10 Published: 2019-11-20

Abstract: Concealed attacks such as exploits, generics, SQL injection and APT are becoming more and more serious, and shallow machine learning is no longer a good way to detect these hidden forms of attack. This paper designs an intrusion detection model in which principal component analysis (PCA) is used to optimize a long short-term memory (LSTM) network. The main principle is to remove the noise in the sample data through principal component analysis, and then to exploit the memory function of the LSTM network and its strong ability to learn from sequence data. The UNSW-NB15 data set established by Australian Network Cyber Center is used for the experimental analysis, in which the key parameters time-steps, learning rate and activation function are adjusted. The results show that this model has higher accuracy than traditional models.

Key words: Accuracy, Intrusion detection, Long short-term memory, Principal component analysis, UNSW-NB15

CLC Number: 

  • TP309
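
The data path the abstract describes (PCA to drop noise, then records grouped by time-steps for the LSTM) can be sketched as follows. This is an added example, not code from the paper: the 0.95 variance threshold, the last-record labelling of each window, all function names and the sample data are assumptions made for illustration.

```python
import numpy as np

def fit_pca(X_train, var_keep=0.95):
    """Standardise and fit PCA on training rows only (no test leakage)."""
    mu, sigma = X_train.mean(axis=0), X_train.std(axis=0)
    sigma = np.where(sigma == 0, 1.0, sigma)    # guard constant columns
    _, s, Vt = np.linalg.svd((X_train - mu) / sigma, full_matrices=False)
    ratio = np.cumsum(s ** 2) / np.sum(s ** 2)  # cumulative explained variance
    k = int(np.searchsorted(ratio, var_keep)) + 1
    return mu, sigma, Vt[:k].T                  # projection matrix: (features, k)

def apply_pca(model, X):
    mu, sigma, W = model
    return ((X - mu) / sigma) @ W

def to_sequences(X, y, time_steps):
    """Window consecutive records into (samples, time_steps, k) LSTM input.
    Assumption: each window takes the label of its last record."""
    n = X.shape[0] - time_steps + 1
    if n < 1:
        raise ValueError("fewer records than time_steps")
    seqs = np.stack([X[i:i + time_steps] for i in range(n)])
    return seqs, y[time_steps - 1:]

def make_constructed_flows(n=400, seed=0):
    """Constructed stand-in for flow records: 20 features driven by 3
    latent factors plus small noise. Not UNSW-NB15 data."""
    rng = np.random.default_rng(seed)
    latent = rng.normal(size=(n, 3))
    loading = np.zeros((3, 20))
    loading[0, :7] = loading[1, 7:14] = loading[2, 14:] = 1.0
    X = latent @ loading + 0.05 * rng.normal(size=(n, 20))
    y = (latent[:, 0] > 1.0).astype(int)        # arbitrary constructed label
    return X, y

def build_inputs(time_steps=10, split=300):
    X, y = make_constructed_flows()
    model = fit_pca(X[:split])                  # fit on the training part only
    train = to_sequences(apply_pca(model, X[:split]), y[:split], time_steps)
    test = to_sequences(apply_pca(model, X[split:]), y[split:], time_steps)
    return model, train, test

if __name__ == "__main__":
    model, (Xtr, ytr), (Xte, yte) = build_inputs()
    print("components kept:", model[2].shape[1])
    print("train tensor:", Xtr.shape, "test tensor:", Xte.shape)
```

The resulting three-dimensional arrays have the (samples, time-steps, features) layout that LSTM layers in common deep learning frameworks take as input; changing `time_steps` changes how many consecutive records the network sees per decision.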