计算机科学 ›› 2020, Vol. 47 ›› Issue (2): 287-293.doi: 10.11896/jsjkx.190100047
陈佳,欧阳金源,冯安琪,吴远,钱丽萍
CHEN Jia,OUYANG Jin-yuan,FENG An-qi,WU Yuan,QIAN Li-ping
摘要: 随着网络技术的快速发展,网络攻击带来了极大的负面影响,因此网络安全问题亟待解决。针对网络攻击中的拒绝服务(Denial of Service,DoS)攻击,提出了一种基于边缘计算框架的孤立森林网络异常检测方法。该方法根据每个边缘节点的特性实现对模型训练任务的合理分配,有效地提高了边缘节点的利用效率;同时,利用边缘计算的特点实现了对云中心模型训练任务的分流,从而更好地减少系统的耗时,减轻云中心的任务负担。为了验证所提方法的有效性,对10%-KDDCUP99网络数据集进行预处理,并提取部分数据用于实验。实验结果表明,与支持向量机(Support Vector Machine,SVM)和多层感知器(Multi-Layer Perceptron,MLP)方法相比,所提方法将系统建立时间分别缩短了90%和60%,且得出的曲线下面积(Area Under Curve,AUC)可达0.9以上,这证明该方法能够在确保较高异常检测性能条的件下有效减少异常检测系统的建立时间。
中图分类号:
[1]PEDRO G T,JESUS D V,M GABRIEL M F,et al.Anomaly-based network intrusion detection:Techniques,systems and challenges [J].Computers & Security,2009,28(1/2):18-28. [2]TAN A P,CHEN H,WU B Q.Network Intrusion Intelligent Detection Algorithm Based on AdaBoost[J].Computer Scien-ce,2014,41(2):197-200. [3]CHEN J Y,XU X Y,SU M M.Research on Network Attack Detection Based on Self-adaptive Immune Computing [J].Computer Science,2018,45(S1):364-370. [4]WANG C,VISWANATHAN K,LAKSHMINARAYAN C, et al.Statistical techniques for online anomaly detection in data centers[C]∥Proceedings of the 12 IFIP/IEEE International Symposium on Integrated Network Management.IEEE,2011:385-392. [5]DING Z G,DU D J,FEI M R.An isolation principle based distributed anomaly detection method in wireless sensor networks [J].International Journal of Automation and Computing,2015,12(4):402-412. [6]KILLOURHY K S,MAXION R A.Comparing anomaly-detec-tion algorithms for keystroke dynamics[C]∥2009 IEEE/IFIP International Conference on Dependable Systems & Networks (DSN).IEEE Computer Society,2009:125-134. [7]YU X S,HAN D Z,DU Z X.DDoS Attack Detection System Based on Intelligent Bee Colony Algorithm[J].Computer Scien-ce,2018,45(12):123-129. [8]FEDERICO S W,JUAN I A P,PABLO C D L H,et al.Anomaly Detection in Network Traffic Based on Statistical Inference and alpha-Stable Modeling [J].IEEE Transactions on Dependable &Secure Computing,2011,8(4):494-509. [9]MENG W Z,LI W J,KWOK L F.Design of intelligent KNN-based alarm filter using knowledge-based alert verification in intrusion detection [M].Security and Communication Networks,2015,8(18):3883-3895. [10]ZHANG J,ZULKERNINE M,HAQUE A.Random-Forests-Based Network Intrusion Detection Systems [J].IEEE Transactions on Systems,Man,and Cybernetics,Part C:Applications and Reviews,2008,38(5):649-659. [11]XU D,WANG Y J,MENG Y L,et al.Improved Data Anomaly Detection Method Based on Isolation Forest[J].Computer Scien-ce,2018,45(10):155-159. [12]ZHANG Q,HU Y P,JI C,et al.Edge Computing Application:Real-Time Anomaly Detection Algorithm for Sensing Data [J].Journal of Computer Research and Development,2018,55(3):524-536. [13]LI H,WANG L.Online orchestration of cooperative defense against DDoS attacks for 5G MEC[C]∥Wireless Communications and Networking Conference.IEEE,2018:1-6. [14]LIU F T,TING K M,ZHOU Z H.Isolation Forest[C]∥Proceeding of the 2008 Eighth Eighth IEEE International Conference on Data Mining.IEEE Computer Society,2008:413-422. [15]HE Y,ZHU X,WANG G,et al.Predicting Bugs in Software Code Changes Using Isolation Forest[C]∥IEEE International Conference on Software Quality.IEEE,2017:296-305. [16]CALHEIROS R,RAMAMOHANARAO K,BUYYA R,et al.On the effectiveness of isolation-based anomaly detection in cloud data centers [J].Concurrency and Computation:Practice and Experience,2017:e4169. [17]DING Z,DU D,FEI M.An isolation principle based distributed anomaly detection method in wireless sensor networks [J].International Journal of Automation and Computing,2015,12(4):402-412. [18]HE H B,GARCIA E A.Learning from Imbalanced Data [J].IEEE Transactions on Knowledge & Data Engineering,2009,21(9):1263-1284. [19]SHI W S,SUN H,CAO J,et al.Edge Computing—An Emerging Computing Model for the Internet of Everything Era [J].Journal of Computer Research & Development,2017,54(5):907-924. [20]BRUNO R P.Data Structures and Algorithms with ObjectOriented Design Patterns in Java[M].Wiley,1999. [21]INGBER L.Simulated annealing:Practice versus theory[J]. Mathematical & Computer Modeling:An International Journal,1993,18(11):29-57. [22]WU J S,ZHANG W P,MA Y.Data analysis and study on KDDCUP99 data set [J].Computer Applications and Software,2014(11):321-325. [23]ADETUNMBI A,ADEOLA S,DARAMOLA O.Analysis of KDD’99 Intrusion Detection Dataset for Selection of Relevance Features [J].Lecture Notes in Engineering & Computer Scien-ce,2010,2186(1):1371-1379. [24]TREBAR M,STEELE N.Application of distributed SVM architectures in classifying forest data cover types [J].Computers and Electronics in Agriculture,2008,63(2):119-130. |
[1] | 孙慧婷, 范艳芳, 马孟晓, 陈若愚, 蔡英. VEC中基于动态定价的车辆协同计算卸载方案 Dynamic Pricing-based Vehicle Collaborative Computation Offloading Scheme in VEC 计算机科学, 2022, 49(9): 242-248. https://doi.org/10.11896/jsjkx.210700166 |
[2] | 徐天慧, 郭强, 张彩明. 基于全变分比分隔距离的时序数据异常检测 Time Series Data Anomaly Detection Based on Total Variation Ratio Separation Distance 计算机科学, 2022, 49(9): 101-110. https://doi.org/10.11896/jsjkx.210600174 |
[3] | 李其烨, 邢红杰. 基于最大相关熵的KPCA异常检测方法 KPCA Based Novelty Detection Method Using Maximum Correntropy Criterion 计算机科学, 2022, 49(8): 267-272. https://doi.org/10.11896/jsjkx.210700175 |
[4] | 王馨彤, 王璇, 孙知信. 基于多尺度记忆残差网络的网络流量异常检测模型 Network Traffic Anomaly Detection Method Based on Multi-scale Memory Residual Network 计算机科学, 2022, 49(8): 314-322. https://doi.org/10.11896/jsjkx.220200011 |
[5] | 杜航原, 李铎, 王文剑. 一种面向电商网络的异常用户检测方法 Method for Abnormal Users Detection Oriented to E-commerce Network 计算机科学, 2022, 49(7): 170-178. https://doi.org/10.11896/jsjkx.210600092 |
[6] | 于滨, 李学华, 潘春雨, 李娜. 基于深度强化学习的边云协同资源分配算法 Edge-Cloud Collaborative Resource Allocation Algorithm Based on Deep Reinforcement Learning 计算机科学, 2022, 49(7): 248-253. https://doi.org/10.11896/jsjkx.210400219 |
[7] | 李梦菲, 毛莺池, 屠子健, 王瑄, 徐淑芳. 基于深度确定性策略梯度的服务器可靠性任务卸载策略 Server-reliability Task Offloading Strategy Based on Deep Deterministic Policy Gradient 计算机科学, 2022, 49(7): 271-279. https://doi.org/10.11896/jsjkx.210600040 |
[8] | 袁昊男, 王瑞锦, 郑博文, 吴邦彦. 基于Fabric的电子病历跨链可信共享系统设计与实现 Design and Implementation of Cross-chain Trusted EMR Sharing System Based on Fabric 计算机科学, 2022, 49(6A): 490-495. https://doi.org/10.11896/jsjkx.210500063 |
[9] | 方韬, 杨旸, 陈佳馨. D2D辅助移动边缘计算下的卸载策略优化 Optimization of Offloading Decisions in D2D-assisted MEC Networks 计算机科学, 2022, 49(6A): 601-605. https://doi.org/10.11896/jsjkx.210200114 |
[10] | 刘漳辉, 郑鸿强, 张建山, 陈哲毅. 多无人机使能移动边缘计算系统中的计算卸载与部署优化 Computation Offloading and Deployment Optimization in Multi-UAV-Enabled Mobile Edge Computing Systems 计算机科学, 2022, 49(6A): 619-627. https://doi.org/10.11896/jsjkx.210600165 |
[11] | 谢万城, 李斌, 代玥玥. 空中智能反射面辅助边缘计算中基于PPO的任务卸载方案 PPO Based Task Offloading Scheme in Aerial Reconfigurable Intelligent Surface-assisted Edge Computing 计算机科学, 2022, 49(6): 3-11. https://doi.org/10.11896/jsjkx.220100249 |
[12] | 周天清, 岳亚莉. 超密集物联网络中多任务多步计算卸载算法研究 Multi-Task and Multi-Step Computation Offloading in Ultra-dense IoT Networks 计算机科学, 2022, 49(6): 12-18. https://doi.org/10.11896/jsjkx.211200147 |
[13] | 彭冬阳, 王睿, 胡谷雨, 祖家琛, 王田丰. 视频缓存策略中QoE和能量效率的公平联合优化 Fair Joint Optimization of QoE and Energy Efficiency in Caching Strategy for Videos 计算机科学, 2022, 49(4): 312-320. https://doi.org/10.11896/jsjkx.210800027 |
[14] | 武玉坤, 李伟, 倪敏雅, 许志骋. 单类支持向量机融合深度自编码器的异常检测模型 Anomaly Detection Model Based on One-class Support Vector Machine Fused Deep Auto-encoder 计算机科学, 2022, 49(3): 144-151. https://doi.org/10.11896/jsjkx.210100142 |
[15] | 冷佳旭, 谭明圮, 胡波, 高新波. 基于隐式视角转换的视频异常检测 Video Anomaly Detection Based on Implicit View Transformation 计算机科学, 2022, 49(2): 142-148. https://doi.org/10.11896/jsjkx.210900266 |
|