计算机科学 ›› 2021, Vol. 48 ›› Issue (11A): 592-596.doi: 10.11896/jsjkx.201100170
马琳, 王云霄, 赵丽娜, 韩兴旺, 倪金超, 张婕
MA Lin, WANG Yun-xiao, ZHAO Li-na, HAN Xing-wang, NI Jin-chao, ZHANG Jie
摘要: 网络入侵检测系统被广泛应用于网络安全的的建设中,它能够有效地识别出潜在的危害网络安全行为。针对当前网络入侵检测系统单模型存在的局限性,以获得更准确且高效的网络入侵检测结果,提出了基于多模型集成的网络入侵检测系统。该系统通过运用Bagging算法集成了线性支持向量机(Linear Support Vector Machines,Linear SVM)、残差神经网络(Residual Networks,ResNets)、时序卷积网络(Temporal Convolutional Network,TCN)这3种模型,从而对网络入侵进行检测。实验的入侵检测数据采用国网山东省电力公司工作设备的99 809条网络日志数据以及AWID作为公测数据集,分别对比了单独使用Linear SVM,ResNets,TCN这3种模型的网络入侵检测效果。实验结果证明了所提系统使用的多模型集成算法综合了各个模型的优势,使得总体正确率升到了最高99.24%且比TCN多出7.95%。此外,所提系统不仅拥有极高的正确率,漏警率也低至0.07%,这十分符合网络安全防护系统的要求,成功实现了更加准确高效的网络入侵检测。
中图分类号:
[1]AL-EMADI S,AL-MOHANNADI A,AL-SENAID F.UsingDeep Learning Techniques for Network Intrusion Detection[C]//2020 IEEE International Conference on Informatics,IoT,and Enabling Technologies (ICIoT).2020:171-176. [2]MI X L,ZOU F,ZHU R Q.Bagging and deep learning in optimal individualized treatment rules[J].Biometrics,2019,75(2):674-684. [3]SHIN J,IM C H.Performance Improvement of Near-Infrared Spectroscopy-Based Brain-Computer Interface Using Regulari-zed Linear Discriminant Analysis Ensemble Classifier Based on Bootstrap Aggregating[OL].https://search.ebscohost.com/login.aspx?direct=true&db=edselc&AN=edselc.2-52.0-85082676481&lang=zh-cn&site=eds-live. [4]LECUN Y,BENGIO Y,HINTON G.Deep learning[J].Nature.2015,521(7553):436-444. [5]SALAMA M A,EID H F,RAMADAN R A.Hybrid intelligent intrusion detection scheme [M]//Soft Computing in Industrial Applications.Springer,Berlin,Heidelberg,2011:293-303. [6]MUKKAMALA S,JANOSKI G.SUNGA H.Feature rankingand selection for intrusion detection using support vector machines[C]//Proceeding of the International Conference on Information and Knowledge Engineering.2002:503-509. [7]MUKKAMALA S.JANOSKI G.SUNG A H.Instrusion detection using neural networks and support vector machines[C]//Proceeding of IEEE International Joint Conference on Neural Networks.2002:1702-1702. [8]SHUM J,MALKI H A.Network intrusion detection systemusing neural networks[C]//Fourth International Conference on Natural Computation.2008:242-246. [9]ANYANWU L O,JARED K P D,AROME G A,et al.Scalableintrusion detection with recurrent neural networks[C]//Se-venth International Conference on Information Technology.2010:919-923. [10]FIORE U,PALMIERI F,CASTIGLIONE A,et al.Networkanomaly detection with the restricted Boltzmann machine[J].Neurocomputing,2013,122(12):13-23. [11]YIN C L,ZHU Y F,FEI J L.A deep learning approach for intrusion detection using recurrent neural networks[J].IEEE Access,2017,2017(5):21954-21961. [12]HE K,ZHANG X,REN S,et al.Deep residual learning for image recognition[C]//Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition.2016:770-778. [13]BAI S,KOLTER J Z,KOLTUN V.An empirical evaluation of generic convolutional and recurrent networks for sequence mo-deling[J].arXiv:1803.01271,2018. [14]GOODFELLOW I,BENGIO J,KUWELL A.Deep Learning[M].People's Posts and Telecommunications Press,2017:220-222. [15]LI X B,LI S Y,LI X B,et al.AdBagging:Adaptive sampling Parameter online bagging algorithm[J].Computer Engineering and Design,2011,32(12):4095-4099. [16]WAIBEL A,HANAZAWA T,HINTON G,et al.Phoneme recognition using time-delay neural networks[J].IEEE Transactions on Acoustics,Speech,and Signal Processing,1989,37(3):328-339. |
[1] | 王馨彤, 王璇, 孙知信. 基于多尺度记忆残差网络的网络流量异常检测模型 Network Traffic Anomaly Detection Method Based on Multi-scale Memory Residual Network 计算机科学, 2022, 49(8): 314-322. https://doi.org/10.11896/jsjkx.220200011 |
[2] | 周志豪, 陈磊, 伍翔, 丘东亮, 梁广升, 曾凡巧. 基于SMOTE-SDSAE-SVM的车载CAN总线入侵检测算法 SMOTE-SDSAE-SVM Based Vehicle CAN Bus Intrusion Detection Algorithm 计算机科学, 2022, 49(6A): 562-570. https://doi.org/10.11896/jsjkx.210700106 |
[3] | 曹扬晨, 朱国胜, 孙文和, 吴善超. 未知网络攻击识别关键技术研究 Study on Key Technologies of Unknown Network Attack Identification 计算机科学, 2022, 49(6A): 581-587. https://doi.org/10.11896/jsjkx.210400044 |
[4] | 魏辉, 陈泽茂, 张立强. 一种基于顺序和频率模式的系统调用轨迹异常检测框架 Anomaly Detection Framework of System Call Trace Based on Sequence and Frequency Patterns 计算机科学, 2022, 49(6): 350-355. https://doi.org/10.11896/jsjkx.210500031 |
[5] | 高捷, 刘沙, 黄则强, 郑天宇, 刘鑫, 漆锋滨. 基于国产众核处理器的深度神经网络算子加速库优化 Deep Neural Network Operator Acceleration Library Optimization Based on Domestic Many-core Processor 计算机科学, 2022, 49(5): 355-362. https://doi.org/10.11896/jsjkx.210500226 |
[6] | 焦翔, 魏祥麟, 薛羽, 王超, 段强. 基于深度学习的自动调制识别研究 Automatic Modulation Recognition Based on Deep Learning 计算机科学, 2022, 49(5): 266-278. https://doi.org/10.11896/jsjkx.211000085 |
[7] | 范红杰, 李雪冬, 叶松涛. 面向电子病历语义解析的疾病辅助诊断方法 Aided Disease Diagnosis Method for EMR Semantic Analysis 计算机科学, 2022, 49(1): 153-158. https://doi.org/10.11896/jsjkx.201100125 |
[8] | 张师鹏, 李永忠. 基于降噪自编码器和三支决策的入侵检测方法 Intrusion Detection Method Based on Denoising Autoencoder and Three-way Decisions 计算机科学, 2021, 48(9): 345-351. https://doi.org/10.11896/jsjkx.200500059 |
[9] | 李贝贝, 宋佳芮, 杜卿芸, 何俊江. DRL-IDS:基于深度强化学习的工业物联网入侵检测系统 DRL-IDS:Deep Reinforcement Learning Based Intrusion Detection System for Industrial Internet of Things 计算机科学, 2021, 48(7): 47-54. https://doi.org/10.11896/jsjkx.210400021 |
[10] | 程希, 曹晓梅. 基于信息携带的SQL注入攻击检测方法 SQL Injection Attack Detection Method Based on Information Carrying 计算机科学, 2021, 48(7): 70-76. https://doi.org/10.11896/jsjkx.200600010 |
[11] | 周欣, 刘硕迪, 潘薇, 陈媛媛. 自然交通场景中的车辆颜色识别 Vehicle Color Recognition in Natural Traffic Scene 计算机科学, 2021, 48(6A): 15-20. https://doi.org/10.11896/jsjkx.200800078 |
[12] | 俞建业, 戚湧, 王宝茁. 基于Spark的车联网分布式组合深度学习入侵检测方法 Distributed Combination Deep Learning Intrusion Detection Method for Internet of Vehicles Based on Spark 计算机科学, 2021, 48(6A): 518-523. https://doi.org/10.11896/jsjkx.200700129 |
[13] | 曹扬晨, 朱国胜, 祁小云, 邹洁. 基于随机森林的入侵检测分类研究 Research on Intrusion Detection Classification Based on Random Forest 计算机科学, 2021, 48(6A): 459-463. https://doi.org/10.11896/jsjkx.200600161 |
[14] | 贾琳, 杨超, 宋玲玲, 程镇, 李琲珺. 改进的否定选择算法及其在入侵检测中的应用 Improved Negative Selection Algorithm and Its Application in Intrusion Detection 计算机科学, 2021, 48(6): 324-331. https://doi.org/10.11896/jsjkx.200400033 |
[15] | 王颖颖, 常俊, 武浩, 周详, 彭予. 基于WiFi-CSI的入侵检测方法 Intrusion Detection Method Based on WiFi-CSI 计算机科学, 2021, 48(6): 343-348. https://doi.org/10.11896/jsjkx.200700006 |
|