Computer Science, 2021, Vol. 48, Issue (3): 327-332. doi: 10.11896/jsjkx.200600025
• Information Security •
刘全明, 李尹楠, 郭婷, 李岩纬
LIU Quan-ming, LI Yin-nan, GUO Ting, LI Yan-wei
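Abstract: As the Internet develops, network environments grow more complex and the resulting network security problems keep emerging, which makes network security protection an important research topic. To address the imbalance of traffic data collected in real network environments and the inaccurate feature representations extracted by traditional machine learning methods, this paper proposes an intrusion detection method based on Borderline-SMOTE and dual attention. First, the intrusion data is oversampled with Borderline-SMOTE, which resolves the data imbalance, and, to exploit the strength of convolutional networks in image feature extraction, the one-dimensional traffic data is converted into grayscale images. Then a dual attention network updates the low-dimensional features along the channel dimension and the spatial dimension respectively, yielding a more accurate feature representation. Finally, a Softmax classifier is used to classify and predict the traffic data. The simulation experiments for the proposed method were all validated on the NSL-KDD dataset, where its accuracy reaches 99.24%, higher than that of other commonly used methods.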
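The first two steps named in the abstract, as an added example that is not code from the paper: Borderline-SMOTE1 oversampling restricted to minority (attack) samples on the class border, followed by reshaping a feature vector into a grayscale image. The neighbour count `k=3`, the zero-padding to a square image, the [0,1] feature scaling and the 2-D sample data are assumptions made for this illustration; the paper's own parameters are not given on this page.

```python
import math
import random

def k_nearest(i, X, candidates, k):
    """Indices of the k candidates closest to X[i], excluding i itself."""
    others = [j for j in candidates if j != i]
    return sorted(others, key=lambda j: math.dist(X[i], X[j]))[:k]

def danger_set(X, y, minority, k=3):
    """Minority samples whose k nearest neighbours are mostly, not all, majority."""
    everyone = range(len(X))
    danger = []
    for i in everyone:
        if y[i] == minority:
            m = sum(y[j] != minority for j in k_nearest(i, X, everyone, k))
            if k / 2 <= m < k:  # m == k is noise, m < k/2 is safely inside the class
                danger.append(i)
    return danger

def borderline_smote(X, y, minority, n_new, k=3, seed=0):
    """Borderline-SMOTE1: synthesize minority samples only around the border."""
    rng = random.Random(seed)
    minority_idx = [i for i in range(len(X)) if y[i] == minority]
    danger = danger_set(X, y, minority, k) if len(minority_idx) > 1 else []
    synthetic = []
    while danger and len(synthetic) < n_new:
        i = rng.choice(danger)
        j = rng.choice(k_nearest(i, X, minority_idx, k))
        gap = rng.random()  # position on the segment between X[i] and X[j]
        synthetic.append([a + gap * (b - a) for a, b in zip(X[i], X[j])])
    return synthetic

def to_grayscale(features, side=None):
    """Zero-pad a [0,1]-scaled feature vector into a side x side 8-bit image."""
    side = side or math.ceil(math.sqrt(len(features)))
    pixels = [int(round(v * 255)) for v in features]
    pixels += [0] * (side * side - len(pixels))
    return [pixels[r * side:(r + 1) * side] for r in range(side)]

# Constructed 2-D sample (assumption): label 1 = attack (minority), 0 = normal.
X = [[0.0, 0.0], [0.1, 0.0], [0.0, 0.1], [0.1, 0.1],  # attacks far from normal traffic
     [0.5, 0.5], [0.55, 0.5],                         # attacks on the class border
     [0.9, 0.9],                                      # isolated attack, treated as noise
     [0.6, 0.5], [0.6, 0.6], [0.5, 0.6], [0.9, 0.95],
     [0.95, 0.9], [0.85, 0.9], [0.7, 0.7], [0.8, 0.8]]
y = [1] * 7 + [0] * 8

if __name__ == "__main__":
    print(danger_set(X, y, 1), borderline_smote(X, y, 1, n_new=4))
```

Only the two border samples seed new points; the isolated attack sample surrounded by normal traffic is skipped as noise, so it never seeds interpolation, although it can still be picked as the minority neighbour a border sample interpolates toward.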