基于改进条件变分自编码器的入侵检测研究
Research on Intrusion Detection Based on Improved Conditional Variational Auto Encoder
DOI: 10.12677/CSA.2021.116169, PDF,    国家自然科学基金支持
作者: 朱 琼:中国航发上海商用航空发动机制造有限责任公司,上海;袁永晖, 田春岐:同济大学电子与信息工程学院,上海
关键词: 入侵检测条件变分自编码器生成网络过采样深度信念网络Intrusion Detection Conditional Variational Auto Encoder Generative Network Oversampling Deep Belief Nets
摘要: 现有的入侵检测方法大多集中于提高整体检测率,而应用于不平衡样本集上,传统方法往往在少数类攻击样本的识别上存在识别准确率低、误报率高的问题。因此,提出了一个结合入侵检测条件变分自编码器(Intrusion Detection Conditional Variational Auto Encoder, IDCVAE)和深度信念网络(Deep Belief Nets, DBN)的入侵检测方法。该方法首先利用IDCVAE学习数据的稀疏表示,然后使用其解码器部分扩充少数类样本,解决样本不均衡问题。最后利用DBN对平衡后的新数据集进行特征提取和分类。实验结果表明,本文的方法在保持整体检测率较高的同时,有效地提高了少数类攻击的检测率及误报率。
Abstract: At present, most of the existing intrusion detection methods focus on improving the overall detection rate. However, traditional methods often perform poorly in detecting minority class samples. Therefore, this paper proposed an intrusion detection method based on Intrusion Detection Conditional Variational Auto Encoder (IDCVAE) and Deep Belief Nets (DBN). IDCVAE can learn potential sparse representations in network data features and oversampling the minority class data. Deep belief network can effectively extract and classify the balanced new data set. Experimental results show that, the method in this paper effectively improves the detection rate of minority while keeping the high overall detection rate and low false alarm rate.
文章引用:朱琼, 袁永晖, 田春岐. 基于改进条件变分自编码器的入侵检测研究[J]. 计算机科学与应用, 2021, 11(6): 1637-1648. https://doi.org/10.12677/CSA.2021.116169

参考文献

[1] 李威, 杨忠明. 入侵检测系统的研究综述[J]. 吉林大学学报(信息科学版), 2016, 34(5): 657-662.
[2] 张勇东, 陈思洋, 彭雨荷, 等. 基于深度学习的网络入侵检测研究综述[J]. 广州大学学报(自然科学版), 2019, 18(3): 17-26.
[3] 于立婷, 谭小波, 解羽. 基于改进人工蜂群优化K-means的入侵检测模型[J]. 沈阳理工大学学报, 2019, 38(6): 8-14+27
[4] 柯钢. 改进粒子群算法优化支持向量机的入侵检测方法[J]. 合肥工业大学学报(自然科学版), 2019, 42(10): 1341-1345.
[5] 王洋, 吴建英, 黄金垒, 等. 基于贝叶斯攻击图的网络入侵意图识别方法[J]. 计算机工程与应用, 2019, 55(22): 73-79.
[6] Cabrera, J.B.D., Gutiérrez, C. and Mehra, R.K. (2008) Ensemble Methods for Anomaly Detection and Distributed Intrusion Detection in Mobile Ad-Hoc Networks. Information Fusion, 9, 96-119. [Google Scholar] [CrossRef
[7] Jin, K., Nara, S., Jo, S.Y., et al. (2017) Method of Intrusion De-tection Using Deep Neural Network. 2017 IEEE International Conference on Big Data and Smart Computing (BigComp), Jeju Island, 13-16 February 2017, 313-316. [Google Scholar] [CrossRef
[8] 刘月峰, 王成, 张亚斌, 等. 用于网络入侵检测的多尺度卷积CNN模型[J]. 计算机工程与应用, 2019, 55(3): 90-95+153.
[9] 刘月峰, 蔡爽, 杨涵晰, 等. 融合CNN与BiLSTM的网络入侵检测方法[J]. 计算机工程, 2019, 45(12): 127-133.
[10] Lou, X. (2013) Clustering Boundary Over-Sampling Classification Method for Imbalanced Data Sets. Journal of ZheJiang University (Engineering Science), 47, 944-950.
[11] 沈学利, 覃淑娟. 基于SMOTE和深度信念网络的异常检测[J]. 计算机应用, 2018, 38(7): 1941-1945.
[12] 曹卫东, 许志香, 王静. 基于深度生成模型的半监督入侵检测算法[J]. 计算机科学, 2019, 46(3): 197-201.
[13] Lopez-Martin, M., Carro, B., Sanchez-Esguevillas, A., et al. (2017) Conditional Variational Autoencoder for Prediction and Feature Recovery Applied to Intrusion Detection in IoT. Sensors, 17, 1967. [Google Scholar] [CrossRef] [PubMed]
[14] Lee, J. and Park, K. (2021) GAN-Based Imbalanced Data Intrusion Detec-tion System. Personal and Ubiquitous Computing, 25, 121-128. [Google Scholar] [CrossRef
[15] Kingma, D.P. and Welling, M. (2014) Auto-Encoding Variation-al Bayes. http://arxiv.org/abs/1312.6114
[16] 陈虹, 肖越, 肖成龙, 等. 融合最大相异系数密度的SMOTE算法的入侵检测方法[J]. 信息网络安全, 2019(3): 61-71.
[17] Su, T. Sun, H. and Wang, S. (2019) Intrusion Detection Using Convolutional Recurrent Neural Network. In: Proceedings of the 2019 8th International Conference on Computing and Pattern Recognition, ACM, Beijing, 413-419. [Google Scholar] [CrossRef
[18] Ma, T., Wang, F., Cheng, J., et al. (2016) A Hybrid Spectral Clus-tering and Deep Neural Network Ensemble Algorithm for Intrusion Detection in Sensor Networks. Sensors, 16, 1701. [Google Scholar] [CrossRef] [PubMed]