基于改进卷积神经网络的网络入侵检测模型

doi:10.11772/j.issn.1001-9081.2019020327

计算机应用 ›› 2019, Vol. 39 ›› Issue (9): 2604-2610.DOI: 10.11772/j.issn.1001-9081.2019020327

基于改进卷积神经网络的网络入侵检测模型

杨宏宇, 王峰岩

中国民航大学计算机科学与技术学院, 天津 300300

收稿日期:2019-02-27 修回日期:2019-04-02 出版日期:2019-09-10 发布日期:2019-05-14
通讯作者: 杨宏宇
作者简介:杨宏宇(1969-),男,吉林长春人,教授,博士,CCF会员,主要研究方向:网络信息安全;王峰岩(1993-),男,河南南阳人,硕士研究生,主要研究方向:网络信息安全。
基金资助:
国家自然科学基金民航联合研究基金资助项目（U1833107）。

Network intrusion detection model based on improved convolutional neural network

YANG Hongyu, WANG Fengyan

College of Computer Science and Technology, Civil Aviation University of China, Tianjin 300300, China

Received:2019-02-27 Revised:2019-04-02 Online:2019-09-10 Published:2019-05-14
Supported by:
This work is partially supported by the Civil Aviation Joint Research Fund Project of National Natural Science Foundation of China (U1833107).

摘要/Abstract

摘要：

针对基于深度学习的网络入侵检测技术存在检测效率低、模型训练易出现过拟合和泛化能力较弱的问题，提出一种基于改进卷积神经网络（ICNN）的入侵检测模型（IBIDM）。与传统"卷积-池化-全连接"层叠式网络设计方式不同，该模型采用跨层聚合网络的设计方式。首先，将预处理后的训练集数据作为输入数据前向传播并提取网络特征，对跨层聚合网络的输出数据执行合并操作；然后，根据分类结果计算训练误差并通过反向传播过程进行迭代优化至模型收敛；最后，利用训练好的分类器对测试数据集进行分类测试。实验结果表明，IBIDM具有较高的入侵检测准确率和真正率，且误报率较低。

关键词: 网络入侵检测, 卷积神经网络, 前向传播, 跨层聚合, 迭代优化

Abstract:

Aiming at the problems of deep learning based network intrusion detection technology such as low detection efficiency, easy over-fitting and weak generalization ability of model training, an Improved Convolutional Neural Network (ICNN) based Intrusion Detection Model (IBIDM) was proposed. Different from the traditional "convolution-pooling-full connection" cascading network design method, the model adopted the design method of cross-layer aggregation network. Firstly, the pre-processed training set data was forwardly propagated as input data and the network features were extracted, and the merge operation was performed on the output data of the cross-layer aggregation network. Then, the training error was calculated according to the classification result and the model was iteratively optimized to convergence by the back propagation process. Finally, a classification test experiment was performed on the test dataset using the trained classifier. The experimental results show that IBIDM has high intrusion detection accuracy and true positive rate, and its false positive rate is low.

Key words: network intrusion detection, convolutional neural network, forward propagation, cross-layer aggregation, iterative optimization

中图分类号:

杨宏宇, 王峰岩. 基于改进卷积神经网络的网络入侵检测模型[J]. 计算机应用, 2019, 39(9): 2604-2610.

YANG Hongyu, WANG Fengyan. Network intrusion detection model based on improved convolutional neural network[J]. Journal of Computer Applications, 2019, 39(9): 2604-2610.

参考文献

[1] ZHENG K, CAI Z, ZHANG X, et al. Algorithms to speedup pattern matching for network intrusion detection systems[J]. Computer Communications, 2015, 62(C):47-58.
[2] SUNG J S, KANG S M, KWON T G. Pattern matching acceleration for network intrusion detection systems[C]//Proceedings of the 2005 International Conference on Embedded Computer Systems:Architectures, Modeling, and Simulation. Berlin:Springer, 2005:289-298.
[3] 李鹏,周文欢.基于K-means和决策树的混合入侵检测算法[J]. 计算机与现代化, 2017(12):12-16.(LI P, ZHOU W H. Mixed intrusion detection algorithm based on K-means and decision tree[J]. Computer and Modernization, 2017(12):12-16.)
[4] 戚名钰,刘铭,傅彦铭. 基于PCA的SVM网络入侵检测研究[J].信息网络安全, 2015(2):15-18.(QI M Y, LIU M, FU Y M. Research on network intrusion detection using support vector machines based on principal component analysis[J]. Netinfo Security, 2015(2):15-18.)
[5] XU Y, ZHAO H. Intrusion detection alarm filtering technology based on ant colony clustering algorithm[C]//Proceedings of the 2015 6th International Conference on Intelligent Systems Design and Engineering Applications. Washington, DC:IEEE Computer Society, 2016:470-473.
[6] 王秀英. 分布式网络时序关联入侵攻击行为检测系统设计[J]. 现代电子技术, 2018, 41(3):108-114. (WANG X Y. Design of temporal sequence association rule based intrusion detection behavior detection system for distributed network[J]. Modern Electronics Technique, 2018, 41(3):108-114.)
[7] ROY S S, MALLIK A, GULATI R, et al. A deep learning based artificial neural network approach for intrusion detection[C]//Proceedings of the 2017 International Conference on Mathematics and Computing, CCIS 655. Berlin:Springer, 2017:44-53.
[8] 马勇.模糊推理结合Michigan型遗传算法的网络入侵检测方案[J].电子设计工程,2016,24(11):108-111.(MA Y. A network intrusion detection schemer based on fuzzy inference and Michigan genetic algorithm[J]. Electronic Design Engineering, 2016, 24(11):108-111.)
[9] 陈虹,万广雪,肖振久.基于优化数据处理的深度信念网络模型的入侵检测方法[J].计算机应用,2017,37(6):1636-1643.(CHEN H, WAN G X, XIAO Z J. Intrusion detection method of deep belief network model based on optimization of data processing[J]. Journal of Computer Applications, 2017, 37(6):1636-1643.)
[10] QU F, ZHANG J, SHAO Z, et al. An intrusion detection model based on deep belief network[C]//Proceedings of the 2017 VI International Conference on Network, Communication and Computing. New York:ACM, 2017:97-101.
[11] YIN C, ZHU Y, FEI J, et al. A deep learning approach for intrusion detection using recurrent neural networks[J]. IEEE Access, 2017, 5:21954-21961.
[12] SHONE N, NGOC T N, PHAI V D, et al. A deep learning approach to network intrusion detection[J]. IEEE Transactions on Emerging Topics in Computational Intelligence, 2018, 2(1):41-50.
[13] 袁琴琴, 吕林涛. 基于改进蚁群算法与遗传算法组合的网络入侵检测[J]. 重庆邮电大学学报(自然科学版), 2017, 29(1):84-89.(YUAN Q Q, LYU L T. Network intrusion detection method based on combination of improved ant colony optimization and genetic algorithm[J]. Journal of Chongqing University of Posts and Telecommunications (Natural Science Edition), 2017, 29(1):84-89.
[14] 魏明军,王月月,金建国. 一种改进免疫算法的入侵检测设计[J].西安电子科技大学学报(自然科学版),2016,43(2):126-131.(WEI M J, WANG Y Y, JIN J G. Intrusion detection design of the impoved immune algorithm[J]. Journal of Xidian University (Natural Science), 2016, 43(2):126-131.)
[15] 贾凡,孔令智.基于卷积神经网络的入侵检测算法[J].北京理工大学学报,2017,37(12):1271-1275.(JIA F, KONG L Z. Intrusion detection algorithm based on convolutional neural network[J]. Transactions of Beijing Institute of Technology, 2017, 37(12):1271-1275.)
[16] 王明,李剑.基于卷积神经网络的网络入侵检测系统[J]. 信息安全研究,2017,3(11):990-994.(WANG M, LI J. Network intrusion detection model based on convolutional neural network[J]. Journal of Information Securyity Research, 2017, 3(11):990-994.)
[17] KWON D K, NATARAJAN K, SUH S C, et al. An empirical study on network anomaly detection using convolutional neural networks[C]//Proceedings of the IEEE 38th International Conference on Distributed Computing Systems. Piscataway, NJ:IEEE, 2018:1595-1598.
[18] VINAYAKUMAR R, SOMAN K P, POORNACHANDRAN P. Applying convolutional neural network for network intrusion detection[C]//Proceedings of the 2017 International Conference on Advanced Computing, Communications and Informatics. Piscataway, NJ:IEEE, 2017:1222-1228.
[19] DHANABAL L, PERIYASAMY S S. A study on NSL-KDD dataset for intrusion detection system based on classification algorithms[J]. International Journal of Advanced Research in Computer and Communication Engineering, 2015, 4(6):446-452.
[20] NSL-KDD dataset[EB/OL].[2018-07-20]. http://nsl.cs.unb.ca/NSL-KDD/.
[21] TensorFlow-GPU[EB/OL].[2018-07-20]. https://www.tensorflow.org/.
[22] LECUN Y, BOTTOU L, BENGIO Y, et al. Gradient-based learning applied to document recognition[J]. Proceedings of the IEEE, 1998, 86(11):2278-2324.
[23] HINTON G E, OSINDERO S, TEH Y. A fast learning algorithm for deep belief nets[J]. Neural Computation, 2006, 18(7):1527-1554.
[24] CHUNG J, GULCEHRE C, CHO K, et al. Gated feedback recurrent neural networks[C]//Proceedings of the 2015 International Conference on Machine Learning. New York:International Machine Learning Society, 2015:2067-2075.

基于改进卷积神经网络的网络入侵检测模型

Network intrusion detection model based on improved convolutional neural network

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

[1]	王贺兵, 张春梅. 基于非对称卷积-压缩激发-次代残差网络的人脸关键点检测[J]. 计算机应用, 2021, 41(9): 2741-2747.
[2]	宋中山, 梁家锐, 郑禄, 刘振宇, 帖军. 基于双向门控尺度特征融合的遥感场景分类[J]. 计算机应用, 2021, 41(9): 2726-2735.
[3]	李康康, 张静. 基于注意力机制的多层次编码和解码的图像描述模型[J]. 计算机应用, 2021, 41(9): 2504-2509.
[4]	张永斌, 常文欣, 孙连山, 张航. 基于字典的域名生成算法生成域名的检测方法[J]. 计算机应用, 2021, 41(9): 2609-2614.
[5]	赵宏, 孔东一. 图像特征注意力与自适应注意力融合的图像内容中文描述[J]. 计算机应用, 2021, 41(9): 2496-2503.
[6]	徐江浪, 李林燕, 万新军, 胡伏原. 结合目标检测的室内场景识别方法[J]. 计算机应用, 2021, 41(9): 2720-2725.
[7]	牟长宁, 王海鹏, 周丕宇, 侯鑫行. 基于图卷积神经网络的串联质谱从头测序[J]. 计算机应用, 2021, 41(9): 2773-2779.
[8]	曹玉红, 徐海, 刘荪傲, 王紫霄, 李宏亮. 基于深度学习的医学影像分割研究综述[J]. 计算机应用, 2021, 41(8): 2273-2287.
[9]	秦斌斌, 彭良康, 卢向明, 钱江波. 司机分心驾驶检测研究进展[J]. 计算机应用, 2021, 41(8): 2330-2337.
[10]	黄程程, 董霄霄, 李钊. 基于二维Winograd算法的深流水线5×5卷积方法[J]. 计算机应用, 2021, 41(8): 2258-2264.
[11]	曾祥银, 郑伯川, 刘丹. 基于深度卷积神经网络和聚类的左右轨道线检测[J]. 计算机应用, 2021, 41(8): 2324-2329.
[12]	高钦泉, 黄炳城, 刘文哲, 童同. 基于改进CenterNet的竹条表面缺陷检测方法[J]. 计算机应用, 2021, 41(7): 1933-1938.
[13]	谭道强, 曾诚, 乔金霞, 张俊. 基于混合注意力模型的阴影检测方法[J]. 计算机应用, 2021, 41(7): 2076-2081.
[14]	吴则举, 焦翠娟, 陈亮. 基于改进Faster R-CNN的轮胎缺陷检测方法[J]. 计算机应用, 2021, 41(7): 1939-1946.
[15]	杨粟, 欧阳智, 杜逆索. 基于相关度距离的无监督并行哈希图像检索[J]. 计算机应用, 2021, 41(7): 1902-1907.