Computer Science ›› 2024, Vol. 51 ›› Issue (11A): 231000033-6. doi: 10.11896/jsjkx.231000033

• Information Security •

Study on Open Set Based Intrusion Detection Method

WANG Chundong, ZHANG Jiakai   

  1. School of Computer Science and Engineering, Tianjin University of Technology, Tianjin 300384, China
  • Online: 2024-11-16 Published: 2024-11-13
  • About author: WANG Chundong, born in 1969, Ph.D, professor, is a senior member of CCF (No.16230M). His main research interests include network information security, mobile intelligent terminal security, public opinion analysis and control, Internet of Things security and security situation awareness.
  • Supported by: Joint Funds of the National Natural Science Foundation of China (U1536122) and Tianjin Committee of Science and Technology Major Project, China (15ZXDSGX00030).

Abstract: Intrusion detection is an important task in network security that aims to detect anomalous behavior and potential attacks. In recent years, deep learning methods have made great breakthroughs in intrusion detection tasks. However, with the rapid development of the Internet industry, new types of attacks keep increasing, and when a deep learning model faces a sample from a new category at test time, it tends to assign it to a known category with high confidence, so unknown attacks go unrecognized. To address this, this paper proposes an open set identification method based on uncertainty modeling: MC-Dropout is applied to deep learning classifiers to capture uncertainty and thus obtain high-quality prediction probabilities. This open set identification method can not only classify known categories but also discriminate unknown categories. The proposed method is validated on the CICIDS2017 dataset, where it detects unknown categories, is advanced to a certain degree compared with other existing methods, and achieves the best performance on all metrics compared with the benchmark model; it can be effectively applied to real-world network environments.

Key words: Intrusion detection, Open set identification, Deep learning, MC-Dropout

CLC Number: TP393
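
The rejection rule the abstract describes, as an added illustration that is not the authors' code: dropout stays active at inference, the softmax outputs of many stochastic passes are averaged, and a sample whose averaged prediction is too uncertain is labelled unknown instead of being forced into a known class. Assumptions constructed here, since the page gives no such details: the hand-set two-class toy network, the class labels and sample flows, predictive entropy as the uncertainty score, and the 0.3 threshold.

```python
import math
import random

CLASSES = ["benign", "dos"]   # constructed known classes
UNITS = 4                     # redundant hidden units per class (hand-set toy model)

def softmax(logits):
    m = max(logits)
    exps = [math.exp(z - m) for z in logits]
    total = sum(exps)
    return [e / total for e in exps]

def forward(x, rng=None, p_drop=0.5):
    """One forward pass over a 2-feature flow vector x.
    rng=None: ordinary inference, dropout disabled.
    rng given: dropout stays active (one MC-Dropout sample)."""
    logits = []
    for feature in x:
        act = max(0.0, feature)                          # ReLU
        if rng is None:
            logits.append(UNITS * act)
        else:
            kept = sum(rng.random() >= p_drop for _ in range(UNITS))
            logits.append(kept * act / (1.0 - p_drop))   # inverted-dropout scaling
    return softmax(logits)

def closed_set_predict(x):
    """Conventional classifier output: always one of the known classes."""
    probs = forward(x)
    best = max(range(len(probs)), key=probs.__getitem__)
    return CLASSES[best], probs[best]

def open_set_predict(x, passes=200, threshold=0.3, seed=0):
    """Average `passes` stochastic passes; reject as 'unknown' when the
    predictive entropy (nats) of the mean distribution exceeds `threshold`."""
    rng = random.Random(seed)
    mean = [0.0] * len(CLASSES)
    for _ in range(passes):
        for i, p in enumerate(forward(x, rng)):
            mean[i] += p / passes
    entropy = -sum(p * math.log(p) for p in mean if p > 0)
    if entropy > threshold:
        return "unknown", entropy
    best = max(range(len(mean)), key=mean.__getitem__)
    return CLASSES[best], entropy

# Constructed flows: two resemble known classes, one activates both detectors.
SAMPLES = {"benign-like": (4.0, 0.0), "dos-like": (0.0, 5.0), "novel": (4.0, 3.0)}

if __name__ == "__main__":
    for name, x in SAMPLES.items():
        print(name, closed_set_predict(x), open_set_predict(x))
```

In a real deployment the threshold would be tuned on held-out data rather than fixed by hand.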