计算机应用 ›› 2017, Vol. 37 ›› Issue (10): 2794-2798.DOI: 10.11772/j.issn.1001-9081.2017.10.2794

• 网络空间安全 • 上一篇    下一篇

面向社会安全事件的分布式神经网络攻击行为分类方法

肖圣龙1, 陈昕1, 李卓1,2   

  1. 1. 北京信息科技大学 计算机学院, 北京 100101;
    2. 网络文化与数字传播北京市重点实验室, 北京 100101
  • 收稿日期:2017-04-24 修回日期:2017-06-14 出版日期:2017-10-10 发布日期:2017-10-16
  • 通讯作者: 陈昕(1965-),男,江西南昌人,教授,博士生导师,博士,CCF高级会员,主要研究方向:大数据分析、网络安全,E-mail:chenxin@bistu.edu.cn
  • 作者简介:肖圣龙(1991-),男,福建莆田人,硕士研究生,主要研究方向:大数据分析、网络安全;陈昕(1965-),男,江西南昌人,教授,博士生导师,博士,CCF高级会员,主要研究方向:大数据分析、网络安全;李卓(1983-),男,河南南阳人,讲师,博士,CCF会员,主要研究方向:移动无线网络、分布式计算.
  • 基金资助:
    国家自然科学基金资助项目(61370065,61502040);国家科技支撑计划项目(2015BAK12B00)。

Distributed neural network for classification of attack behavior to social security events

XIAO Shenglong1, CHEN Xin1, LI Zhuo1,2   

  1. 1. School of Computer Science, Beijing Information Science and Technology University, Beijing 100101, China;
    2. Beijing Key Laboratory of Internet Culture and Digital Dissemination, Beijing 100101, China
  • Received:2017-04-24 Revised:2017-06-14 Online:2017-10-10 Published:2017-10-16
  • Supported by:
    This work is partially supported by the National Natural Science Foundation of China (61370065, 61502040), the National Key Technology Research and Development Program of the Ministry of Science and Technology of China (2015BAK12B00).

摘要: 大数据时代下,社会安全事件呈现出数据多样化、数据量快速递增等特点,社会安全事件的事态与特性分析决策面临巨大的挑战。高效、准确识别社会安全事件中的攻击行为的类型,并为社会安全事件处置决策提供帮助,已经成为国家与网络空间安全领域的关键性问题。针对社会安全事件攻击行为分类,提出一种基于Spark平台的分布式神经网络分类算法(DNNC)。DNNC算法通过提取攻击行为类型的相关属性作为神经网络的输入数据,建立了各属性与攻击类型之间的函数关系并生成分布式神经网络分类模型。实验结果表明,所提出DNNC算法在全球恐怖主义数据库所提供的数据集上,虽然在部分攻击类型上准确率有所下降,但平均准确率比决策树算法提升15.90个百分点,比集成决策树算法提升8.60个百分点。

关键词: 社会安全, 大数据, Spark分布式系统, 神经网络, 分类算法

Abstract: In the era of big data, the social security data becomes more diverse and its amount increases rapidly, which challenges the analysis and decision of social security events significantly. How to accurately categorize the attack behavior in a short time and support the analysis and decision making of social security events becomes an urgent problem needed to be solved in the field of national and cyberspace security. Aiming at the behavior of aggression in social security events, a new Distributed Neural Network Classification (DNNC) algorithm was proposed based on the Spark platform. The DNNC algorithm was used to analyze the related features of the attack behavior categories, and the features were used as the input of the neural network. Then the function relationship between the individual features and attack categories were established, and a neural network classification model was generated to classify the attack categories of social security events. Experimental results on the data provided by the global terrorism database show that the proposed algorithm can improve the average accuracy by 15.90 percentage points compared with the decision tree classification, and by 8.60 percentage points compared with the ensemble decision tree classification, only decreases the accuracy on part attack type.

Key words: social security, big data, Spark distributed system, neural network, classification algorithm

中图分类号: