Computer Science ›› 2019, Vol. 46 ›› Issue (3): 197-201. doi: 10.11896/j.issn.1002-137X.2019.03.029

• Information Security •

Intrusion Detection Based on Semi-supervised Learning with Deep Generative Models

CAO Wei-dong, XU Zhi-xiang, WANG Jing

  1. College of Computer Science and Technology, Civil Aviation University of China, Tianjin 300300, China
  • Received: 2018-01-18 Revised: 2018-05-23 Online: 2019-03-15 Published: 2019-03-22
  • About the authors: CAO Wei-dong (born 1964), female, Ph.D., associate professor, CCF member; main research interests: databases and data mining, software reliability of civil aviation information systems. WANG Jing (born 1980), female, Ph.D., lecturer; main research interest: network security.
  • Supported by:
    Research project on airworthiness certification technology for airborne network security protection (AADSA0018)

Abstract: Supervised intrusion detection algorithms need labeled training samples that are hard to collect, unsupervised algorithms have low accuracy, and network intrusion detection must handle high-dimensional data. To address these problems, a semi-supervised intrusion detection method based on deep generative models is proposed. The method aims to construct a sound and effective objective function that improves the model's classification accuracy and generalization ability. First, a variational auto-encoder (VAE) maps the high-dimensional raw data bidirectionally to a low-dimensional space to obtain a low-dimensional representation of the raw data. Then, a generative model of the data is used to improve on the classification accuracy obtained when using labeled data alone. Experiments show that the method achieves high detection accuracy with a small amount of labeled data.

Key words: Generative model, Intrusion detection, Semi-supervised, Variational autoencoder

CLC number: TP393.08