Computer Science, 2022, Vol. 49, Issue (6A): 581-587. doi: 10.11896/jsjkx.210400044

• Information Security •

Study on Key Technologies of Unknown Network Attack Identification

CAO Yang-chen, ZHU Guo-sheng, SUN Wen-he, WU Shan-chao   

  1. School of Computer and Information Engineering, Hubei University, Wuhan 430062, China
  • Online: 2022-06-10 Published: 2022-06-08
  • About author: CAO Yang-chen, born in 1996, postgraduate. Her main research interests include machine learning and network traffic analysis.
    ZHU Guo-sheng, born in 1972, Ph.D, professor. His main research interests include next-generation Internet and software-defined networks.
  • Supported by:
    CERNET Innovation Project and Campus Regional Public Opinion Mining and Monitoring System Based on Network Traffic Reconstruction (NGII20170210).

Abstract: Intrusion detection is a technology that proactively defends against network attacks and plays a vital role in network management. Traditional intrusion detection technology cannot identify unknown attacks, a problem that has long plagued the field. To address unknown types of intrusion attacks, an unknown attack recognition model combining the K-Means and FP-Growth algorithms is proposed to extract the rules of unknown attacks. First, for data containing a mixture of multiple unknown attacks, cluster analysis is performed with K-Means based on the similarity between samples, and the silhouette coefficient is introduced to evaluate the clustering quality. After clustering, samples of the same unknown attack fall into the same cluster. The features of each unknown attack are then manually extracted, the feature data is preprocessed, and continuous features are discretized. Next, the frequent itemsets and association rules of the unknown attack data are mined with the FP-Growth algorithm, and the rules of the unknown attack are obtained by analyzing them. These rules are then used to detect that type of unknown attack. The results show that the accuracy can reach 98.74%, which is higher than that of related algorithms.

Key words: K-Means, Association rules, FP-Growth, Intrusion detection, Unknown attack

CLC Number: 

  • TP181
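
The rule-extraction stage described in the abstract, as an added example that is not the authors' code: it discretizes one constructed cluster of flows, mines frequent itemsets by pattern growth over conditional databases (the recursion FP-Growth performs, here without the FP-tree compression), and uses the largest itemset as the detection rule. The feature names, bin edges and thresholds are assumptions, and the K-Means and silhouette steps are taken as already done.

```python
from collections import Counter

# Constructed flows standing in for one K-Means cluster of a single unknown attack.
# Fields (hypothetical): protocol, destination port, duration in seconds, bytes sent.
CLUSTER = [
    ("tcp", 80, 310.0, 120), ("tcp", 80, 295.5, 90), ("tcp", 80, 402.1, 150),
    ("tcp", 80, 288.0, 60), ("tcp", 8080, 350.2, 110), ("tcp", 80, 12.0, 5000),
]

def discretize(flow):
    """Map one flow to a set of 'feature=bin' items; the bin edges are assumptions."""
    proto, port, dur, sent = flow
    return frozenset({f"proto={proto}", f"port={port}",
                      "dur=long" if dur >= 60 else "dur=short",
                      "bytes=small" if sent < 1000 else "bytes=large"})

def mine(transactions, min_count, suffix=frozenset()):
    """Pattern growth: for each frequent item, recurse on its conditional database."""
    counts = Counter(item for t in transactions for item in t)
    frequent = sorted((i for i in counts if counts[i] >= min_count),
                      key=lambda i: (-counts[i], i))
    found = {}
    for rank, item in enumerate(frequent):
        found[suffix | {item}] = counts[item]
        keep = frozenset(frequent[:rank])  # only items ordered before `item`
        conditional = [t & keep for t in transactions if item in t]
        found.update(mine(conditional, min_count, suffix | {item}))
    return found

def rules(found, min_conf):
    """Association rules A -> c with confidence support(A | {c}) / support(A)."""
    out = []
    for itemset, support in found.items():
        for c in itemset:
            antecedent = itemset - {c}
            if antecedent and support / found[antecedent] >= min_conf:
                out.append((antecedent, c, support / found[antecedent]))
    return out

def signature(found):
    """Use the largest frequent itemset (ties: highest support) as the detection rule."""
    return max(found, key=lambda s: (len(s), found[s], sorted(s)))

def matches(flow, sig):
    return sig <= discretize(flow)

FOUND = mine([discretize(f) for f in CLUSTER], min_count=4)
SIG = signature(FOUND)
```

A new flow is flagged when `matches(flow, SIG)` is true, i.e. when its discretized items contain every item of the mined rule.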