《计算机应用》唯一官方网站 ›› 2023, Vol. 43 ›› Issue (1): 160-168.DOI: 10.11772/j.issn.1001-9081.2021112001

所属专题: 网络空间安全

• 网络空间安全 • 上一篇    下一篇

基于双向循环生成对抗网络的无线传感网入侵检测方法

刘拥民1,2, 杨钰津1,2, 罗皓懿1,2, 黄浩1,2, 谢铁强1,2   

  1. 1.中南林业科技大学 计算机与信息工程学院,长沙 410004
    2.中南林业科技大学 智慧林业云研究中心,长沙 410004
  • 收稿日期:2021-11-24 修回日期:2022-04-27 发布日期:2023-01-12
  • 作者简介:刘拥民(1971—),男,湖南株洲人,教授,博士,CCF会员,主要研究方向:人工智能、无线传感器网络 email:t20040550@csuft.edu.cn;杨钰津(1997—),女,湖南岳阳人,硕士研究生,主要研究方向:网络安全、人工智能;罗皓懿(1997—),男,湖南长沙人,硕士研究生,主要研究方向:数据挖掘、人工智能;黄浩(1997—),男,湖南郴州人,硕士研究生,主要研究方向:网络安全;谢铁强(1975—),男,湖南湘潭人,副教授,博士研究生,主要研究方向:网络安全;
  • 基金资助:
    国家自然科学基金资助项目(31870532);湖南省自然科学基金资助项目(2021JJ31163);湖南省教育科学“十三五”规划2020年度基金资助项目(XJK20BGD048)。

Intrusion detection method for wireless sensor network based on bidirectional circulation generative adversarial network

LIU Yongmin1,2, YANG Yujin1,2, LUO Haoyi1,2, HUANG Hao1,2, XIE Tieqiang1,2   

  1. 1.School of Computer and Information Engineering, Central South University of Forestry and Technology, Changsha Hunan 410004, China
    2.Smart Forest Cloud Research Center, Central South University of Forestry and Technology, Changsha Hunan 410004, China
  • Received:2021-11-24 Revised:2022-04-27 Online:2023-01-12
  • Contact: LIU Yongmin, born in 1971, Ph. D., professor. His research interests include artificial intelligence, wireless sensor network.
  • About author:YANG Yujin, born in 1997, M. S. candidate. Her research interests include network security, artificial intelligence;LUO Haoyi, born in 1997, M. S. candidate. His research interests include data mining, artificial intelligence;HUANG Hao, born in 1997, M. S. candidate. His research interests include network security;XIE Tieqiang, born in 1975, Ph. D. candidate, associate professor. His research interests include network security;
  • Supported by:
    This work is partially supported by National Natural Science Foundation of China (31870532), Natural Science Foundation of Hunan Province (2021JJ31163), Hunan Education Science “13th Five Year Plan” 2020 Funded Project (XJK20BGD048).

摘要: 针对无线传感器网络(WSN)入侵检测方法在离散高维特征的不平衡数据集上检测精度低和泛化能力差的问题,提出一种基于双向循环生成对抗网络的WSN入侵检测方法BiCirGAN。首先,引入对抗学习异常检测(ALAD)通过潜在空间合理地表示高维、离散的原始特征,提高对原始特征的可理解性。其次,采用双向循环对抗的结构确保真实空间和潜在空间双向循环的一致性,从而保证生成对抗网络(GAN)训练的稳定性,并提高异常检测的性能。同时,引入Wasserstein距离和谱归一化优化方法改进GAN的目标函数,以进一步解决GAN的模式崩坏与生成器缺乏多样性的问题。最后,由于入侵攻击数据的统计属性随时间以不可预见的方式变化,建立带有Dropout操作的全连接层网络对异常检测结果进行优化。实验结果表明,在KDD99、UNSW-NB15和WSN_DS数据集上,相较于AnoGAN、BiGAN、MAD-GAN以及ALAD方法,BiCirGAN在检测精确度上提高了3.9%~33.0%,且平均推断速度是ALAD方法的4.67倍。

关键词: 无线传感器网络, 入侵检测, 生成对抗网络, 谱归一化, 对抗学习

Abstract: Aiming at the problems of low detection accuracy and poor generalization ability of Wreless Sensor Network (WSN) intrusion detection methods on imbalanced datasets with discrete high-dimensional features, an intrusion detection method for WSN based on Bidirectional Circulation Generative Adversarial Network was proposed, namely BiCirGAN. Firstly, Adversarially Learned Anomaly Detection (ALAD) was introduced to improve the understandability of the original features by reasonably representing the high-dimensional, discrete original features through the latent space. Secondly, the bidirectional circulation adversarial structure was adopted to ensure the consistency of bidirectional circulation in real space and latent space, thereby ensuring the stability of Generative Adversarial Network (GAN) training and improving performance of anomaly detection. At the same time, Wasserstein distance and spectral normalization optimization methods were introduced to improve the objective function of GAN to further solve the problems of mode collapse of GAN and lack of diversity of generators. Finally, because the statistical properties of intrusion attack data changed in an unpredictable way over time, a full connection layer network with Dropout operation was established to optimize the anomaly detection results. Experimental results on KDD99, UNSW-NB15 and WSN_DS datasets show that compared to Anomaly detection with GAN (AnoGAN), Bidirectional GAN (BiGAN), Multivariate Anomaly Detection with GAN (MAD-GAN) and ALAD methods, BiCirGAN has a 3.9% to 33.0% improvement in detection accuracy, and the average inference speed is 4.67 times faster than that of ALAD method.

Key words: Wireless Sensor Network (WSN), intrusion detection, Generative Adversarial Networks (GAN), spectral normalization, adversarial learning

中图分类号: