基于深度自编码网络的安全态势要素获取机制

doi:10.11772/j.issn.1001-9081.2017.03.771

计算机应用 ›› 2017, Vol. 37 ›› Issue (3): 771-776.DOI: 10.11772/j.issn.1001-9081.2017.03.771

基于深度自编码网络的安全态势要素获取机制

朱江, 明月, 王森

重庆市移动通信重点实验室(重庆邮电大学), 重庆 400065

收稿日期:2016-08-04 修回日期:2016-09-12 出版日期:2017-03-10 发布日期:2017-03-22
通讯作者: 明月
作者简介:朱江(1977-),男,湖北荆州人,副教授,博士,主要研究方向:通信理论与技术、信息安全;明月(1992-),女,重庆人,硕士研究生,主要研究方向:网络安全态势感知;王森(1990-),男,重庆人,硕士研究生,主要研究方向为:网络安全态势感知。
基金资助:
国家自然科学基金资助项目（61271260，61301122）；重庆市科委自然科学基金资助项目（cstc2015jcyjA40050）。

Mechanism of security situation element acquisition based on deep auto-encoder network

ZHU Jiang, MING Yue, WANG Sen

Chongqing Key Laboratory of Mobile Communications Technology(Chongqing University of Posts and Telecommunications), Chongqing 400065, China

Received:2016-08-04 Revised:2016-09-12 Online:2017-03-10 Published:2017-03-22
Supported by:
This work is partially supported by the National Nature Science Foundation of China (61271260, 61301122), the Natural Science Foundation of Chongqing Science and Technology Commission (cstc2015jcyjA40050).

摘要/Abstract

摘要： 针对大规模网络态势要素获取时间复杂度较高和攻击样本不平衡导致小类样本分类精度不高的问题，提出一种基于深度自编码网络的态势要素获取机制。在该机制下，利用优化后的深度自编码网络作为基分类器，识别数据类型。一方面，在自编码网络的逐层训练中，提出一种结合交叉熵（CE）函数和反向传播（BP）算法的训练规则，克服传统的方差代价函数更新权值过慢的缺陷；另一方面，在深度网络的微调和分类阶段，提出一种主动在线采样（AOS）算法应用于分类器中，通过在线选择用于更新网络权值的攻击样本，达到总样本的去冗余和平衡各类攻击样本数量的目的，从而提高小类攻击样本的分类精度。经对实例数据的仿真分析，该方案有较好的态势要素获取精度，并能有效减少数据传输时的通信开销。

关键词: 网络安全, 态势要素, 深度自编码网络, 交叉熵函数, 主动学习

Abstract: To reduce the time complexity of situational element acquisition and cope with the low detection accuracy of small class samples caused by imbalanced class distribution of attack samples in large-scale networks, a situation element extraction mechanism based on deep auto-encoder network was proposed. In this mechanism, the improved deep auto-encoder network was introduced as basic classifier to identify data type. On the one hand, in the training of the auto-encoder network, the training rule based on Cross Entropy (CE) function and Back Propagation (BP) algorithm was adopted to overcome the shortcoming of slow weights updating by the traditional variance cost function. On the other hand, in the stage of fine-tuning and classification of the deep network, an Active Online Sampling (AOS) algorithm was applied in the classifier to select the samples online for updating the network weights, so as to eliminate redundancy of the total samples, balance the amounts of all sample types, improve the classification accuracy of small class samples. Simulation and analysis results show that the proposed scheme has a good accuracy of situation element extraction and small communication overhead of data transmission.

Key words: network security, situation element, deep auto-encoder network, cross-entropy function, active learning

中图分类号:

TP393.08

朱江, 明月, 王森. 基于深度自编码网络的安全态势要素获取机制[J]. 计算机应用, 2017, 37(3): 771-776.

ZHU Jiang, MING Yue, WANG Sen. Mechanism of security situation element acquisition based on deep auto-encoder network[J]. Journal of Computer Applications, 2017, 37(3): 771-776.

参考文献

[1] CORONATO A, DE PIETRO G. Situation awareness in applications of ambient assisted living for cognitive impaired people[J]. Mobile Networks and Applications, 2013, 18(3):444-453.
[2] 郭文忠, 林宗明, 陈国龙. 基于粒子群优化的网络安全态势要素获取[J]. 厦门大学学报:自然科学版, 2009, 48(2):202-206. (GUO W Z, LIN Z M, CHEN G L. Network security situation elements extraction based on PSO[J]. Journal of Xiamen University(Natural Science Edition), 2009, 48(2):202-206.)
[3] SKOPIK F, WURZENBERGER M, SETTANNI G, et al. Establishing national cyber situational awareness through incident information clustering[C]//Proceedings of the 2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment. Piscataway, NJ:IEEE, 2015:1-8.
[4] 刘衍珩, 田大新, 余雪岗,等. 基于分布式学习的大规模网络入侵检测算法[J]. 软件学报, 2008, 19(4):993-1003. (LIU Y H, TIAN D X, YU X G, et al. Large-scale network intrusion detection algorithm based on distributed learning[J]. Journal of Software, 2008, 19(4):993-1003.)
[5] 王知音,禹龙,田生伟,等.基于栈式自编码的水体提取方法[J].计算机应用,2015,35(9):2706-2709. (WANG Z Y, YU L, TIAN S W, et al. Water body extraction method based on stacked autoencoder[J].Journal of Computer Applications, 2015, 35(9):2706-2709.)
[6] ZHANG Q, YANG L T, CHEN Z. Deep computation model for unsupervised feature learning on big data[J]. IEEE Transactions on Services Computing, 2016, 9(1):161-171.
[7] SCHÖLKOPF B, PLATT J, HOFMANN T. Greedy layer-wise training of deep networks[M]//Advances in Neural Information Processing Systems 19:Proceedings of the 2006 Conferences. Cambridge, MA:MIT Press, 2007:153-160.
[8] BENGIO Y, COURVILLE A, VINCENT P. Representation learning:a review and new perspectives[J]. IEEE Transactions on Pattern Analysis and Machine Intelligence, 2012, 35(8):1798-1828.
[9] LE ROUX N, BENGIO Y. Deep belief networks are compact universal approximators[J]. Neural Computation, 2010, 22(8):2192-2207.
[10] CHEN Y, LIN Z, ZHAO X, et al. Deep learning-based classification of hyperspectral data[J]. IEEE Journal of Selected Topics in Applied Earth Observations & Remote Sensing, 2014, 7(6):2094-2107.
[11] 汪海波,陈雁翔,李艳秋.基于主成分分析和Softmax回归模型的人脸识别方法[J].合肥工业大学学报(自然科学版),2015,38(6):759-763.(WANG H B, CHEN Y X, LI Y Q. Face recognition method based on principal component analysis and Softmax regression model[J]. Journal of Hefei University of Technology (Natural Science), 2015, 38(6):759-763.)
[12] PEREZ-ORTIZ M, GUTIERREZ P A, HERVAS-MARTINEZ C, et al. Graph-based approaches for over-sampling in the context of ordinal regression[J]. IEEE Transactions on Knowledge & Data Engineering, 2015, 27(5):1233-1245.
[13] NGUYEN H M, COOPER E W, KAMEI K. A comparative study on sampling techniques for handling class imbalance in streaming data[C]//Proceedings of the 6th International Conference on Soft Computing and Intelligent Systems, and the 13th International Symposium on Advanced Intelligence Systems. Piscataway:IEEE, 2012:1762-1767.
[14] QI Y, ZHANG G. Strategy of active learning support vector machine for image retrieval[J]. IET Computer Vision, 2015, 10(1):87-94.
[15] HASAN M, ROY-CHOWDHURY A K. A continuous learning framework for activity recognition using deep hybrid feature models[J]. IEEE Transactions on Multimedia, 2015, 17(11):1909-1922.
[16] LAROCHELLE H, BENGIO Y, LOURADOUR J, et al. Exploring strategies for training deep neural networks[J]. Journal of Machine Learning Research, 2009, 10:1-40.
[17] LV Y, DUAN Y, KANG W, et al. Traffic flow prediction with big data:a deep learning approach[J]. IEEE Transactions on Intelligent Transportation Systems, 2015, 16(2):865-873.

基于深度自编码网络的安全态势要素获取机制

Mechanism of security situation element acquisition based on deep auto-encoder network

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

[1]	王月, 江逸茗, 兰巨龙. 基于改进三元组网络和K近邻算法的入侵检测[J]. 计算机应用, 2021, 41(7): 1996-2002.
[2]	张全龙, 王怀彬. 基于膨胀卷积和门控循环单元组合的入侵检测模型[J]. 计算机应用, 2021, 41(5): 1372-1377.
[3]	唐延强, 李成海, 宋亚飞. 基于改进粒子群优化和极限学习机的网络安全态势预测[J]. 计算机应用, 2021, 41(3): 768-773.
[4]	杭梦鑫, 陈伟, 张仁杰. 基于改进的一维卷积神经网络的异常流量检测[J]. 计算机应用, 2021, 41(2): 433-440.
[5]	易东义, 邓根强, 董超雄, 祝苗苗, 吕周平, 朱岁松. 基于图卷积神经网络的医保欺诈检测算法[J]. 计算机应用, 2020, 40(5): 1272-1277.
[6]	汪敏, 武禹伯, 闵帆. 基于多种聚类算法和多元线性回归的多分类主动学习算法[J]. 计算机应用, 2020, 40(12): 3437-3444.
[7]	池亚平, 莫崇维, 杨垠坦, 陈纯霞. 面向软件定义网络架构的入侵检测模型设计与实现[J]. 计算机应用, 2020, 40(1): 116-122.
[8]	任杰, 闵帆, 汪敏. 基于最远总距离采样的代价敏感主动学习[J]. 计算机应用, 2019, 39(9): 2499-2504.
[9]	龚彦鹭, 吕佳. 结合主动学习和密度峰值聚类的协同训练算法[J]. 计算机应用, 2019, 39(8): 2297-2301.
[10]	王佳欣, 冯毅, 由睿. 基于依赖关系图和通用漏洞评分系统的网络安全度量[J]. 计算机应用, 2019, 39(6): 1719-1727.
[11]	邱宁佳, 丛琳, 周思丞, 王鹏, 李岩芳. 结合改进主动学习的SVD-CNN弹幕文本分类算法[J]. 计算机应用, 2019, 39(3): 644-650.
[12]	杜俊雄, 陈伟, 李雪妍. 基于物联网设备指纹的情境认证方法[J]. 计算机应用, 2019, 39(2): 464-469.
[13]	郭方方, 潮洛蒙, 朱建文. 基于相似连接的多源数据并行预处理方法[J]. 计算机应用, 2019, 39(1): 57-60.
[14]	柴变芳, 吕峰, 李文斌, 王垚. 基于主动学习先验的半监督K-means聚类算法[J]. 计算机应用, 2018, 38(11): 3139-3143.
[15]	张传浩, 谷学汇, 孟彩霞. 基于软件定义网络的反嗅探攻击方法[J]. 计算机应用, 2018, 38(11): 3258-3262.