基于NAWL-ILSTM的网络安全态势预测方法

doi:10.11896/jsjkx.180901820

摘要/Abstract

摘要： 安全态势是网络安全预警的前提。各种复杂网络环境中的网络攻击行为给网络带来了意想不到的挑战,导致网络负载增加和网络故障等突发网络安全事件随时都会发生。因此,针对网络安全态势时间序列的不确定性、非线性等特点,为了提高网络安全态势预测的精度,提出了基于改进Nadam和改进长短期记忆网络(NAWL-ILSTM)的网络安全态势预测方法。首先,利用一种在线更新机制改进长短期记忆网络(LSTM)以建立态势时间序列预测模型,它可以实时地对接收到的在线观测数据进行参数更新,使代价函数最小化,从而解决了传统LSTM网络模型不能合理地利用网络系统在线传送数据的问题,在优化参数更新的同时也大大提高了LSTM模型的预测精度;然后,针对神经网络训练过程中收敛速度较慢和训练成本较高的问题,采用Look-ahead方法对Nesterov加速梯度的自适应估计动量算法(Nadam)的更新公式进行改进,以加快模型的收敛速度,从而加快了ILSTM预测模型的训练速度,减少了训练的时间和成本。基于Python在tensorflow环境下进行仿真实验,结果验证了所提的基于在线更新机制的LSTM预测模型的合理性,通过收敛性分析和算法对比得出了NAWL算法具有更快的收敛速度的结论。最后,与其他预测模型的对比结果表明了NAWL-ILSTM预测模型在态势时间序列分析中具有更强的适用性和更高的准确性。

关键词: 长短期记忆网络, 前瞻性技术, 适应性动量算法, 网络安全态势预测, 在线更新参数

Abstract: Security situation is the premise of network security warning.The network attacks in complex network environment bring unexpected challenges,causing the sudden network security incidents such as increasing network load and network failure happen at any time.Therefore,taking into account the uncertainty and non-linearity of network security situation time series,in order to further improve the forecast accuracy of network security situation,this paper proposed a network security situation prediction method based on NAWL-ILSTM (Nadam with Look-ahead and Improved Long Short-Term Memory).Firstly,an online updating mechanism is adopted to improve the LSTM to establish time series forecasting model,which can conduct parameter updating in real time for the received online observed data and minimize the cost function,thus solving the problem that traditional LSTM algorithm can’t use network system to transmit data online reasonably,further,optimizing the parameter updating and improving the forecast accuracy of LSTM model.Then,aiming at the problems of slow convergence speed and high training cost in the training process of neural networks,the Look-ahead technology is used to improve the updating formula of Nesterov acceleration gradient adaptive estimated momentum algorithm (Nadam) to accelerate the convergence speed of the model,and then the trai-ning speed of ILSTM prediction model can be accelerated to reduce training time and cost.The simulation experiments based on Pythonin tensorflow environment demonstrate the rationality of the LSTM prediction model based on online updating mechanism.Convergence analysis and comparison experiments show the NAWL algorithm has faster convergence speed.Finally,the comparison experiments show that the proposed model based on NAWL-ILSTM has stronger applicability and higher applicability in situation time series analysis compared with other prediction model.

Key words: Adaptive momentum estimated algorithm, Long short-term memory, Look-ahead technology, Network security situation prediction, Online observation data

中图分类号:

TP393

朱江, 陈森. 基于NAWL-ILSTM的网络安全态势预测方法[J]. 计算机科学, 2019, 46(10): 161-166. https://doi.org/10.11896/jsjkx.180901820

ZHU Jiang, CHEN Sen. Network Security Situation Prediction Method Based on NAWL-ILSTM[J]. Computer Science, 2019, 46(10): 161-166. https://doi.org/10.11896/jsjkx.180901820

参考文献

[1]JAJODIA S,LIU P,SWARUP V,et al.Cyber Situational Awareness:Issues and Research[M].Boston,MA:Spring-Verlag,US,2010.
[2]BOX G E P,JENKINS G M,REINSEL G C.Time series analysis forecasting and control,4th Edition[M].Beijing:Posts & Telecom Press,2005:19-180.
[3]LIANG W,CHEN Z,YAN X,et al.Multiscale Entropy-Based Weighted Hidden Markov Network Security Situation Prediction Model[C]//IEEE International Congress on Internet of Things.IEEE,2017:97-104.
[4]LI F W,ZHENG B,ZHU J,et al. A method of network security situation prediction based on AC-RBF neural network.Journal of Chongqing University of Posts & Telecommunications,2014,26(5):576-581.(in Chinese)
李方伟,郑波,朱江,等.一种基于AC-RBF神经网络的网络安全态势预测方法.重庆邮电大学学报(自然科学版),2014,26(05):576-581.
[5]JIANG Y,LI C H,YU L S,et al.On Network Security Situation Prediction Based on RBF Neural Network[C]//2017 36th Chinese Control Conference,Beijing:Technical Committee on Control Theory of Chinese Association of Automation,2017:4060-4063.
[6]ZHANG S M,LI B X,WANG B Y.The Application of an Improved Integration Algorithm of Support Vector Machine to the Prediction of Network Security Situation[J].Applied Mechanics &Materials,2014,513-517(513-517):2285-2288.
[7]DUAN M.Short-Time Prediction of Traffic Flow Based on PSO Optimized SVM[C]//International Conference on Intelligent Transportation,Big Data & Smart City.IEEE Computer Society,2018:41-45.
[8]WANG X,WU J,LIU C,et al.Fault time series prediction based on LSTM cyclic neural network [J].Journal of Beijing University of Aeronautics and Astronautics,2018,44(4):772-784.(in Chinese)
王鑫,吴际,刘超,等.基于LSTM循环神经网络的故障时间序列预测[J].北京航空航天大学学报,2018,44(4):772-784.
[9]CHEN Z,LIU Y,LIU S.Mechanical State Prediction Based on LSTM Neural Netwok[C]//China Control Conference,Beijing:Technical Committee on Control Theory of Chinese Association of Automation.2017:3876-3881.
[10]ZHU J,MING Y,SONG Y H,et al.Mechanism of situation element acquisition based on deep auto-encoder network in wireless sensor networks[J].International Journal of Distributed Sensor Networks,2017,13(3):155014771769962.
[11]LING F W,ZHANG X Y,ZHU J,et al.Network security situation assessment model based on information fusion [J].Journal of Computer Applications,2015,35(7):1882-1887.(in Chinese)
李方伟,张新跃,朱江,等.基于信息融合的网络安全态势评估模型[J].计算机应用,2015,35(7):1882-1887.
[12]SUN R Q.Research on the price trend prediction model of the stock index based on LSTM neural network[D].Beijing:Capital University of Economics and Business,2016.(in Chinese)
孙瑞奇.基于LSTM神经网络的美股股指价格趋势预测模型的研究[D].北京:首都经济贸易大学,2016.
[13]GREFF K,SRIVASTAVA R K,KOUTNIK J,et al.LSTM:A Search Space Odyssey[J].IEEE Transactions on Neural Networks & Learning Systems,2015,28(10):2222-2232.
[14]DOZAT T.Incorporating Nesterov Momentum into Adam[R].Stanford University,2015.
[15]SUTSKEVER I,MARTENS J,DAHL G,et al.On the importance of initialization and momentum in deep learning[C]//International Conference on International Conference on Machine Learning.JMLR.org,2013:1139-1147.
[16]BALLES L,HENNING P.Dissecting Adam:the sign,magni-tude and variance of stochastic gradients[C]//International Conference on Machine Learning.New York:ACM,2018:693-709.
[17]DUCHI J,HAZAN E,SINGER Y.Adaptive Subgradient Me-thods for Online Learning and Stochastic Optimization[J].Journal of Machine Learning Research,2011,12(7):257-269.
[18]YEUNG S,RUSSAKOVSKY O,NING J,et al.Every Moment Counts:Dense Detailed Labeling of Actions in Complex Videos[J].International Journal of Computer Vision,2017(8):1-15.
[19]ZHANG C,ZHANG C,ZHANG C.An improved Adam Algorithm using look-ahead[C]//International Conference on Deep Learning Technologies.New York:ACM,2017:19-22.

相关文章 15

[1]	王馨彤, 王璇, 孙知信. 基于多尺度记忆残差网络的网络流量异常检测模型 Network Traffic Anomaly Detection Method Based on Multi-scale Memory Residual Network 计算机科学, 2022, 49(8): 314-322. https://doi.org/10.11896/jsjkx.220200011
[2]	赵冬梅, 吴亚星, 张红斌. 基于IPSO-BiLSTM的网络安全态势预测 Network Security Situation Prediction Based on IPSO-BiLSTM 计算机科学, 2022, 49(7): 357-362. https://doi.org/10.11896/jsjkx.210900103
[3]	王飞, 黄涛, 杨晔. 基于Stacking多模型融合的IGBT器件寿命的机器学习预测算法研究 Study on Machine Learning Algorithms for Life Prediction of IGBT Devices Based on Stacking Multi-model Fusion 计算机科学, 2022, 49(6A): 784-789. https://doi.org/10.11896/jsjkx.210400030
[4]	康雁, 徐玉龙, 寇勇奇, 谢思宇, 杨学昆, 李浩. 基于Transformer和LSTM的药物相互作用预测 Drug-Drug Interaction Prediction Based on Transformer and LSTM 计算机科学, 2022, 49(6A): 17-21. https://doi.org/10.11896/jsjkx.210400150
[5]	高堰泸, 徐圆, 朱群雄. 基于A-DLSTM夹层网络结构的电能消耗预测方法 Predicting Electric Energy Consumption Using Sandwich Structure of Attention in Double -LSTM 计算机科学, 2022, 49(3): 269-275. https://doi.org/10.11896/jsjkx.210100006
[6]	刘嘉琛, 秦小麟, 朱润泽. 基于LSTM-Attention的RFID移动对象位置预测 Prediction of RFID Mobile Object Location Based on LSTM-Attention 计算机科学, 2021, 48(3): 188-195. https://doi.org/10.11896/jsjkx.200600134
[7]	刘奇, 陈红梅, 罗川. 基于改进的蝗虫优化算法的红细胞供应预测方法 Method for Prediction of Red Blood Cells Supply Based on Improved Grasshopper Optimization Algorithm 计算机科学, 2021, 48(2): 224-230. https://doi.org/10.11896/jsjkx.200600016
[8]	彭斌, 李征, 刘勇, 吴永豪. 基于卷积神经网络的代码注释自动生成方法 Automatic Code Comments Generation Method Based on Convolutional Neural Network 计算机科学, 2021, 48(12): 117-124. https://doi.org/10.11896/jsjkx.201100090
[9]	景丽, 何婷婷. 基于改进TF-IDF和ABLCNN的中文文本分类模型 Chinese Text Classification Model Based on Improved TF-IDF and ABLCNN 计算机科学, 2021, 48(11A): 170-175. https://doi.org/10.11896/jsjkx.210100232
[10]	赵佳琦, 王瀚正, 周勇, 张迪, 周子渊. 基于多尺度与注意力特征增强的遥感图像描述生成方法 Remote Sensing Image Description Generation Method Based on Attention and Multi-scale Feature Enhancement 计算机科学, 2021, 48(1): 190-196. https://doi.org/10.11896/jsjkx.200600076
[11]	张玉帅, 赵欢, 李博. 基于BERT和BiLSTM的语义槽填充 Semantic Slot Filling Based on BERT and BiLSTM 计算机科学, 2021, 48(1): 247-252. https://doi.org/10.11896/jsjkx.191200088
[12]	胡鹏程, 刁力力, 叶桦, 仰燕兰. 基于人工特征与深度特征的DGA域名检测算法 DGA Domains Detection Based on Artificial and Depth Features 计算机科学, 2020, 47(9): 311-317. https://doi.org/10.11896/jsjkx.191000118
[13]	崔彤彤, 王桂玲, 高晶. 基于1DCNN-LSTM的船舶轨迹分类方法 Ship Trajectory Classification Method Based on 1DCNN-LSTM 计算机科学, 2020, 47(9): 175-184. https://doi.org/10.11896/jsjkx.191000162
[14]	吕亿林, 田宏韬, 高建伟, 万怀宇. 结合百科知识与句子语义特征的关系抽取方法 Relation Extraction Method Combining Encyclopedia Knowledge and Sentence Semantic Features 计算机科学, 2020, 47(6A): 40-44. https://doi.org/10.11896/JsJkx.190700042
[15]	陈晋音, 蒋焘, 郑海斌. 基于信噪比分级的信号调制类型识别 Radio Modulation Recognition Based on Signal-noise Ratio Classification 计算机科学, 2020, 47(6A): 310-317. https://doi.org/10.11896/JsJkx.190800073

Metrics

Viewed

Full text

Abstract

Cited

Shared

Discussed