基于三支决策和数据增广的入侵检测算法
CSTR:
作者:
作者单位:

江苏科技大学计算机学院,镇江 212100

通讯作者:

李永忠,男,教授,E-mail: lunwenyong20@163.com。

中图分类号:

TP309

基金项目:

国家自然科学基金(61471182)资助项目;江苏省研究生科研与实践创新计划(KYCX20_3163)资助项目。


Intrusion Detection Algorithm Based on Three-Way Decisions and Data Augmentation
Author:
Affiliation:

School of Computer Science, Jiangsu University of Science and Technology. Zhenjiang 212100, China

  • 摘要
  • |
  • 图/表
  • |
  • 访问统计
  • |
  • 参考文献 [17]
  • |
  • 相似文献 [20]
  • | | |
  • 文章评论
    摘要:

    针对传统的入侵检测方法在未知攻击上表现不佳、且没有考虑信息不足的情况对于决策的影响的问题,本文提出了一种基于三支决策和数据增广的入侵检测算法CGAN-3WD。算法利用条件生成对抗网络来满足三支决策理论对数据信息的需求。首先基于三支决策理论对网络行为做出决策,将网络行为划分至正域、负域以及边界域中;之后基于条件生成对抗神经网络来完成数据增广,生成新的样本数据,从而为分类器提供更多的信息以支撑分类器将边界域转化为正域或者负域。NSL-KDD数据集被用于本文的实验中,实验证明,本文提出的算法CGAN-3WD在对入侵行为的检测上要优于对比的方法,能够有效地检测出入侵行为。

    Abstract:

    Since traditional intrusion detection methods perform poorly on unknown attacks and do not consider the impact of insufficient information on decision-making, an intrusion detection algorithm based on three three-way decisions and data augmentation called CGAN-3WD is proposed. The conditional generative confrontation nets are used to meet the data requirements of the three-way decisions. First, the three-way decisions theory is used to make decisions about network behavior, and it can catagorize network behavior into the positive domain, the negative domain or the boundary domain. Second, new samples are generated by the conditional generative adversarial nets, and the new samples can provide more information for the classifier to put the boundary domain into the positive or the negative domain. Third, the NSL-KDD dataset is used in the experiments. Experiments have proved that the CGAN-3WD model has indeed achieved good performance in intrusion detection, and it can effectively detect intrusions.

    表 5 入侵实验结果对比Table 5 Results of intrusion behavior comparison
    表 2 数据分布Table 2 Data distribution
    表 3 消融实验结果Table 3 Results for ablation experiment
    表 4 性能对比实验结果Table 4 Results for performance comparison
    图1 ROC曲线图Fig.1 ROC curve
    图2 ROC曲线图Fig.2 ROC curve
    参考文献
    [1] ZAVRAK S, ?SKEFIYELI M. Anomaly-based intrusion detection from network flow features using variational autoencoder[J]. IEEE Access, 2020, 8: 108346-108358.
    [2] FANG Weijian, TIAN Xiaoling, WILBUR D. Application of intrusion detection technology in network safety based on machine learning[J]. Safety Science, 2020, 124: 104604.
    [3] MAGáN-CARRIóN R, URDA D, DíAZ-CANO I, et al. Towards a reliable comparison and evaluation of network intrusion detection systems based on machine learning approaches[J]. Applied Sciences, 2020, 10(5): 1775.
    [4] ZHOU Ying, MAZZUCHI T A, SARKANI S. M-AdaBoost-A based ensemble system for network intrusion detection[J]. Expert Systems with Applications, 2020, 162: 113864.
    [5] ALZUBI Q M, ANBAR M, ALQATTAN Z N M, et al. Intrusion detection system based on a modified binary grey wolf optimisation[J]. Neural Computing and Applications, 2020, 32: 6125-6137.
    [6] TAO Peiying, SUN Zhe, SUN Zhixin. An improved intrusion detection algorithm based on GA and SVM[J]. IEEE Access, 2018, 6: 13624-13631.
    [7] ZHAO Guangzhen, ZHANG Cuixiao, ZHENG Llijuan. Intrusion detection using deep belief network and probabilistic neural network[C]//Proceedings of 2017 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC). [S.l.]: IEEE, 2017: 639-642.
    [8] MIRZA M, OSINDERO S. Conditional generative adversarial nets[EB/OL]. (2014-11-6)[2020-10-24]. https://arxiv.org/abs/1411.1784.
    [9] GOODFELLOW I, POUGET-ABADIE J, MIRZA M, et al. Generative adversarial nets[C]//Proceedings of the 27th International Conference on Neural Information Processing Systems. Cambridge, USA: MIT Press, 2014: 2672-2680.
    [10] YAO Yiyu. Three-way decisions with probabilistic rough sets[J]. Information Sciences, 2010, 180(3): 341-353.
    [11] 刘盾, 梁德翠. 广义三支决策与狭义三支决策[J]. 计算机科学与探索, 2017, 11(3): 502-510.
    [12] EVER Y K, SEKEROGLU B, DIMILILER K. Classification analysis of intrusion detection on NSL-KDD using machine learning algorithms[C]//Proceedings of International Conference on Mobile Web and Intelligent Information Systems. Cham, Germany: Springer, 2019: 111-122.
    [13] JIANG Hui, HE Zheng, YE Gang, et al. Network intrusion detection based on PSO-Xgboost model[J]. IEEE Access, 2020, 8: 58392-58401.
    [14] GAO Jianlei, CHAI Senchun, ZHANG Baihai, et al. Research on network intrusion detection based on incremental extreme learning machine and adaptive principal component analysis[J]. Energies, 2019, 12(7): 1223.
    [15] LI Yongzhong, ZHANG Shipeng, LI Yi, et al. Research on intrusion detection algorithm based on deep learning and semi-supervised clustering[J]. International Journal of Cyber Research and Education, 2020, 2(2): 38-60.
    [16] 曹卫东, 许志香, 王静. 基于深度生成模型的半监督入侵检测算法[J]. 计算机科学, 2019, 46(3): 197-201.
    [17] FERNáNDEZ A, GARCIA S, HERRERA F, et al. SMOTE for learning from imbalanced data: Progress and challenges, marking the 15-year anniversary[J]. Journal of Artificial Intelligence Research, 2018, 61: 863-905.
    引证文献
    网友评论
    网友评论
    分享到微博
    发 布
引用本文

张师鹏,李永忠.基于三支决策和数据增广的入侵检测算法[J].南京航空航天大学学报,2021,53(5):735-742

复制
分享
文章指标
  • 点击次数:895
  • 下载次数: 1575
  • HTML阅读次数: 642
  • 引用次数: 0
历史
  • 收稿日期:2020-10-25
  • 最后修改日期:2020-11-07
  • 在线发布日期: 2021-10-05
文章二维码
您是第6967271位访问者
网站版权 © 南京航空航天大学学报
技术支持:北京勤云科技发展有限公司
请使用 Firefox、Chrome、IE10、IE11、360极速模式、搜狗极速模式、QQ极速模式等浏览器,其他浏览器不建议使用!