| 基于改进CGANs的入侵检测方法研究 |
| |
| 引用本文: | 彭中联,万巍,荆涛,魏金侠.基于改进CGANs的入侵检测方法研究[J].信息网络安全,2020(5):47-56. |
| |
| 作者姓名: | 彭中联 万巍 荆涛 魏金侠 |
| |
| 作者单位: | 中国科学院计算机网络信息中心;中国科学院大学;中国科学院办公厅 |
| |
| 基金项目: | 中国科学院信息化专项[XXH13507]。 |
| |
| 摘 要: | 近年来,机器学习算法在入侵检测系统(IDS)中的应用获得越来越多的关注。然而,传统的机器学习算法更多的依赖于已知样本,因此需要尽可能多的数据样本来对模型进行训练。遗憾地是,随着越来越多未知攻击的出现,且用于训练的攻击样本具有不平衡性,传统的机器学习模型会遇到瓶颈。文章提出一种将改进后的条件生成对抗网络(CGANs)与深度神经网络(DNN)相结合的入侵检测模型(CGANs-DNN),通过解决样本不平衡性问题来提高检测模型对未知攻击类型或只有少数攻击样本类型的检测率。深度神经网络(DNN)具有表征数据潜在特征的能力,而经过改进后的条件CGANs,能够通过学习已知攻击样本潜在数据特征分布,来根据指定类型生成新的攻击样本。此外,与生成对抗网络(GANs)和变分自编码器(VAE)等无监督生成模型相比,CGANsDNN经过改进后加入梯度惩罚项,在训练的稳定性上有了很大地提升。通过NSL-KDD数据集对模型进行评估,与传统算法相比CGANs-DNN不仅在整体准确率、召回率和误报率等方面有更好的性能,而且对未知攻击和只有少数样本的攻击类型具有较高的检测率。
|
| 关 键 词: | 入侵检测 生成对抗网络 条件GAN |
Research on Intrusion Detection Method Based on Modified CGANs |
| |
| PENG Zhonglian,WAN Wei,JING Tao,WEI Jinxia.Research on Intrusion Detection Method Based on Modified CGANs[J].Netinfo Security,2020(5):47-56. |
| |
| Authors: | PENG Zhonglian WAN Wei JING Tao WEI Jinxia |
| |
| Affiliation: | (Computer Network Information Center of the Chinese Academy of Sciences,Beijing 100190,China;University of Chinese Academy of Sciences,Beijing 100049,China;Office of General Affairs,Chinese Academy of Sciences,Beijing 100084,China) |
| |
| Abstract: | In recent years,more and more attention has been paid to the application of machine learning algorithms in intrusion detection systems(IDS).However,traditional machine learning algorithms rely more on known samples,so they need as many data samples as possible to train the model.Unfortunately,as more and more unknown attacks emerge and the attack samples used for training become unbalanced,traditional machine learning models may run into bottlenecks.This paper proposes an intrusion detection model combining improved conditional generation countermeasures network(CGANs) and deep neural network(DNN),namely CGANs-DNN,to improve the detection rate of the detection model against unknown attack types or only a few attack sample types by solving the problem of sample imbalance.Deep neural network(DNN) has the ability to represent the potential characteristics of data,while the improved conditional CGANs can generate new attack samples based on the specified type by learning the potential data distribution of known attack samples.In addition,compared with the unsupervised generation models such as GANs and VAE,the supervised generation model CGANs-DNN in this paper was improved by adding the gradient penalty item,which greatly improved the stability of training.In this paper,NSLKDD data set was used to evaluate the results of the model.Compared with the traditional algorithm,the results show that CGANs-DNN not only has better performance in terms of overall accuracy,recall rate and false positives rate,but also has a higher detection rate for unknown attacks and attack types with only a few samples. |
| |
| Keywords: | intrusion detection generative adversarial networks conditional GAN |
| 本文献已被 维普 等数据库收录! |
|
