Computer Science, 2018, Vol. 45, Issue (11): 164-168. doi: 10.11896/j.issn.1002-137X.2018.11.025

• Information Security •

Intrusion Detection Method Based on Intuitionistic Fuzzy Time Series Forecasting Model in Cyberspace

XING Rui-kang, LI Cheng-hai, FAN Xiao-shi

  1. (College of Air and Missile Defense, Air Force Engineering University, Xi’an 710051, China)
  • Received: 2017-11-20 Published: 2019-02-25
  • About the authors: XING Rui-kang (born 1994), male, master's student; main research interest: network information security; E-mail: 18149236069@163.com. LI Cheng-hai (born 1966), male, professor, master's supervisor; main research interests: network information security, etc.; E-mail: lichenghai2015@163.com (corresponding author). FAN Xiao-shi (born 1988), male, Ph.D.; main research interest: network information security.
  • Funding:
    This work was supported by the National Natural Science Foundation of China (61703426).

Abstract: Cyberspace is an emerging combat space that has arisen with major changes in the world’s militaries under the conditions of informatization development, and it has a particularly important impact on air defense and antimissile confrontation. Because its security mechanisms are imperfect, the threats that cyberspace faces are constantly increasing. Against this background, this paper proposes an intrusion detection method based on the intuitionistic fuzzy time series (IFTS) forecasting model. The method calculates the intuitionistic fuzzy prediction error of each feature attribute of network data and uses that error to distinguish normal data from intrusion attacks, so as to achieve detection and early warning. On this basis, an intrusion detection framework is established, and a simulation experiment platform is built to model an abstract, simplified cyberspace confrontation scenario and to verify the effectiveness and performance of the algorithm. The experimental results show that the method is effective and improves the detection rate of the model to some extent.

Key words: Cyberspace, Fuzzy sets, Intrusion detection, Intuitionistic fuzzy time series (IFTS)

CLC Number:

  • TP301.6
[1] 王馨彤, 王璇, 孙知信.
Network Traffic Anomaly Detection Method Based on Multi-scale Memory Residual Network
Computer Science, 2022, 49(8): 314-322. https://doi.org/10.11896/jsjkx.220200011
[2] 周志豪, 陈磊, 伍翔, 丘东亮, 梁广升, 曾凡巧.
SMOTE-SDSAE-SVM Based Vehicle CAN Bus Intrusion Detection Algorithm
Computer Science, 2022, 49(6A): 562-570. https://doi.org/10.11896/jsjkx.210700106
[3] 曹扬晨, 朱国胜, 孙文和, 吴善超.
Study on Key Technologies of Unknown Network Attack Identification
Computer Science, 2022, 49(6A): 581-587. https://doi.org/10.11896/jsjkx.210400044
[4] 魏辉, 陈泽茂, 张立强.
Anomaly Detection Framework of System Call Trace Based on Sequence and Frequency Patterns
Computer Science, 2022, 49(6): 350-355. https://doi.org/10.11896/jsjkx.210500031
[5] 张师鹏, 李永忠.
Intrusion Detection Method Based on Denoising Autoencoder and Three-way Decisions
Computer Science, 2021, 48(9): 345-351. https://doi.org/10.11896/jsjkx.200500059
[6] 李贝贝, 宋佳芮, 杜卿芸, 何俊江.
DRL-IDS: Deep Reinforcement Learning Based Intrusion Detection System for Industrial Internet of Things
Computer Science, 2021, 48(7): 47-54. https://doi.org/10.11896/jsjkx.210400021
[7] 程希, 曹晓梅.
SQL Injection Attack Detection Method Based on Information Carrying
Computer Science, 2021, 48(7): 70-76. https://doi.org/10.11896/jsjkx.200600010
[8] 戴宗明, 胡凯, 谢捷, 郭亚.
Ensemble Learning Algorithm Based on Intuitionistic Fuzzy Sets
Computer Science, 2021, 48(6A): 270-274. https://doi.org/10.11896/jsjkx.200700036
[9] 俞建业, 戚湧, 王宝茁.
Distributed Combination Deep Learning Intrusion Detection Method for Internet of Vehicles Based on Spark
Computer Science, 2021, 48(6A): 518-523. https://doi.org/10.11896/jsjkx.200700129
[10] 曹扬晨, 朱国胜, 祁小云, 邹洁.
Research on Intrusion Detection Classification Based on Random Forest
Computer Science, 2021, 48(6A): 459-463. https://doi.org/10.11896/jsjkx.200600161
[11] 贾琳, 杨超, 宋玲玲, 程镇, 李琲珺.
Improved Negative Selection Algorithm and Its Application in Intrusion Detection
Computer Science, 2021, 48(6): 324-331. https://doi.org/10.11896/jsjkx.200400033
[12] 王颖颖, 常俊, 武浩, 周详, 彭予.
Intrusion Detection Method Based on WiFi-CSI
Computer Science, 2021, 48(6): 343-348. https://doi.org/10.11896/jsjkx.200700006
[13] 郑嘉彤, 吴文渊.
Practical Bi-deniable Encryption Scheme Based on MLWE
Computer Science, 2021, 48(3): 307-312. https://doi.org/10.11896/jsjkx.200100024
[14] 刘全明, 李尹楠, 郭婷, 李岩纬.
Intrusion Detection Method Based on Borderline-SMOTE and Double Attention
Computer Science, 2021, 48(3): 327-332. https://doi.org/10.11896/jsjkx.200600025
[15] 朱容辰, 李欣, 王晗旭, 叶瀚, 曹志威, 樊志杰.
Camera Identity Recognition Method Fused with Multi-dimensional Identification Features
Computer Science, 2021, 48(11A): 565-569. https://doi.org/10.11896/jsjkx.210100093