基于深度置信网络的入侵检测研究
Research on Intrusion Detection Based on Deep Confidence Network
摘要: 入侵检测作为一种积极主动的安全防范技术,在网络安全上的应用历来已久。但是随着互联网的发展和应用的不断深化,网络攻击和入侵在数量和技术水平上的不断变化,基于新类型、多并发的攻击,使传统的入侵检测技术已经无法满足现有网络安全的要求。深度学习作为目前机器学习和人工智能的前沿技术,在语音识别、计算机视觉、大数据处理等方面都取得了巨大成果,也为解决当前的入侵检测问题提供了一个新的思路。本文基于对传统入侵检测技术的研究,结合深度学习方法下的深度置信网络,提出了一种基于深度置信网络的入侵检测技术,根据入侵检测数据的特点对数据进行过取样和非[0, 1]区间的归一化,在深度置信网络的参数更新过程中,采用批梯度下降的可变学习率算法,加快了参数的更新过程,并在每批训练数据中,加入了对少类别标签的区分度,提高了准确率。实验证明,利用本文提出的方法,可以很好地提高入侵检测的准确率。
Abstract: As an active security prevention technology, intrusion detection has been used in network security for a long time. But with the development and application of Internet, network attack and intrusion are constantly changing in quantity and technology level. Based on new types and concurrent at-tacks, traditional intrusion detection technology has been unable to meet the requirements of existing network security. As a frontier technology of machine learning and artificial intelligence, deep learning has made great achievements in speech recognition, computer vision and big data processing, and has also provided a new idea for solving the current intrusion detection problem. This paper studies the traditional intrusion detection technology based on learning method combined with the depth and the depth of the belief network, proposes an intrusion detection technology based on deep belief networks, according to the characteristics of intrusion detection data of over sampling and non [0, 1] interval of data normalization, updates the parameters in the deep belief network in the process of using variable number of the gradient descent algorithm to speed up the learning rate, the parameters of the update process, and in each batch of the training data, join the discrimination on the labels, and improve the accuracy. Experiments show that the accuracy of intrusion detection can be improved greatly by using the method proposed in this paper.
文章引用:余淋. 基于深度置信网络的入侵检测研究[J]. 计算机科学与应用, 2018, 8(5): 687-701. https://doi.org/10.12677/CSA.2018.85077

参考文献

[1] 刘文涛. Linux网络入侵检测系统[M]. 北京: 电子工业出版社, 2004: 2-19.
[2] 陈传钩. 基于模式匹配的入侵检测研究[D]: [硕士学位论文]. 秦皇岛: 燕山大学, 2006.
[3] 朱俚治. 一种基于决策系统和决策树的误用检测算法[J]. 计算机与数字工程, 2016, 44(12): 2353-2355 + 2391.
[4] 赵伟. 基于SVM的入侵检测研究[D]: [硕士学位论文]. 北京: 北京交通大学, 2007.
[5] 杜强. 基于改进聚类分析算法的IDS模型构建[D]: [硕士学位论文]. 太原: 山西大学, 2011.
[6] 许铭. 基于免疫机理的入侵检测系统的研究[D]: [硕士学位论文]. 淮南: 安徽理工大学, 2010.
[7] 张宗飞. 量子遗传算法在网络误用检测中的应用[J]. 计算机工程与设计, 2010, 31(12): 2933-2935 + 2939.
[8] 屈洪春, 王帅. 一种基于进化神经网络的混合入侵检测模型[J]. 计算机科学, 2016, 43(S1): 335-338.
[9] 寇广, 汤光明, 王硕, 宋海涛, 边媛. 深度学习在僵尸云检测中的应用研究[J]. 通信学报, 2016, 37(11): 114-128.
[10] 李春林, 黄月江, 王宏, 牛长喜. 一种基于深度学习的网络入侵检测方法[J]. 信息安全与通信保密, 2014(10): 68-71.
[11] 杨昆朋. 基于深度学习的入侵检测[D]: [硕士学位论文]. 北京: 北京交通大学, 2015.
[12] 蔡之鑫. DBN和MDBoost2在入侵检测中的应用[D]: [硕士学位论文]. 广州: 广东工业大学, 2016.
[13] 钱铁云, 王毅, 张明明, 刘俊恺. 基于深度神经网络的入侵检测方法[J]. 华中科技大学学报(自然科学版), 2018, 46(1): 6-10.
[14] 陈虹, 万广雪, 肖振久. 基于优化数据处理的深度信念网络模型的入侵检测方法[J]. 计算机应用, 2017, 37(6): 1636-1643 + 1656.
[15] Nicolas, L.R. and Yoshua, B. (2008) Representational Power of Restricted Boltzmann Machines and Deep Belief Networks. Neural Computation, 20, No. 6.
[16] Rumelhart, D.E. (1986) Learning Representation by BP Errors. Nature, 7, 64-70.
[17] van der Smagt, P.P. (1994) Minimisa-tion Method for Training Feed forward Neural Network. Neural Networks, 7, 1-11.
[18] Hinton, G.E. (2007) Learning Multiple Lay-ers of Representation. Trends in Cognitive Sciences, 11, 428-434. [Google Scholar] [CrossRef] [PubMed]
[19] Behera, L., Kumar, S. and Patnaik, A. (2006) On Adaptive Learning Rate That Guarantees Convergence in Feed forward Networks. IEEE Transactions on Neural Networks, 17, 1116-1125.
[20] Bengio, Y., Lam-blin, P., Popovici, D., et al. (2007) Greedy Layer-Wise Training of Deep Networks. Advances in Neural Information Processing Sys-tems, 19, 153.
[21] Gafney, J.E. and Ulvila, J.W. (2001) Evaluation of Intrusion Detectors: A Decision Theory Approach. Proceedings IEEE Symposium on Security and Privacy, Oakland, 14-16 May 2000.
[22] Ghosh, P., Shakti, S. and Phadikar, S. (2016) A Cloud Intrusion Detection System Using Novel PRFCM Clustering and KNN Based Dempster-Shafer Rule. International Journal of Cloud Applications and Computing, 6, 18-35.
[23] Yu, Q., Wang, S., Wang, J.L. and Zhang, B.H. (2011) Research for SVM with Self-Reacting Feature Weighted in IDS. Advanced Materials Research, 204-210, 604-607. [Google Scholar] [CrossRef
[24] Song, J.H., Zhao, G. and Song, J.Y. (2013) Research on Property and Model Optimization of Multiclass SVM for NIDS. Applied Mechanics and Materials, 347, 616-619.
[25] Xu, J. (2013) IDS Method Based on Improved SVM Algorithm under Unbalanced Data Sets. Springer, New York.
[26] Wei, M., Su, J., Jin, J. and Wang, L. (2014) Research on Intrusion Detection System Based on BP Neural Network. Springer, Berlin Heidelberg.
[27] Yuan, J.S. and Wang, Y. (2013) The Development of Intrusion Detection System Based on Improved BP Neural Network. Advanced Materials Research, 718-720, 1973-1979.