[1]张 震,周一成,田鸿朋.基于空间特征和生成对抗网络的网络入侵检测[J].郑州大学学报(工学版),2024,45(06):40-47.[doi:10.13705/j.issn.1671-6833.2024.06.001]
 ZHANG Zhen,ZHOU Yicheng,TIAN Hongpeng.Network Intrusion Detection Based on Spatial Features and GenerativeAdversarial Networks[J].Journal of Zhengzhou University (Engineering Science),2024,45(06):40-47.[doi:10.13705/j.issn.1671-6833.2024.06.001]
点击复制

基于空间特征和生成对抗网络的网络入侵检测()
分享到:

《郑州大学学报(工学版)》[ISSN:1671-6833/CN:41-1339/T]

卷:
45
期数:
2024年06期
页码:
40-47
栏目:
出版日期:
2024-09-25

文章信息/Info

Title:
Network Intrusion Detection Based on Spatial Features and GenerativeAdversarial Networks
文章编号:
1671-6833(2024)06-0040-08
作者:
张 震1 周一成2 田鸿朋1
1. 郑州大学 电气与信息工程学院,河南 郑州 450001;2. 郑州大学 河南先进技术研究院,河南 郑州 450001
Author(s):
ZHANG Zhen1 ZHOU Yicheng2 TIAN Hongpeng1
1. School of Electrical and Information Engineering, Zhengzhou University, Zhengzhou 450001, China; 2. Henan Institute of Advanced Technology, Zhengzhou University, Zhengzhou 450001, China
关键词:
入侵检测 异常检测 生成对抗网络 图像编码 卷积神经网络
Keywords:
intrusion detection anomaly detection generative adversarial networks image encoding convolutionalneural networks
分类号:
TP393
DOI:
10.13705/j.issn.1671-6833.2024.06.001
文献标志码:
A
摘要:
针对现有的入侵检测方法未能有效考虑到数据特征之间的关联性以及在高维离散的数据集上检测精度不高等问题,提出了一种基于空间特征与生成对抗网络的网络入侵检测方法 MBGAN。 首先,设计了一种将数据转换成灰度图的转换方法,使得卷积核能够捕获到图像中更多的上下文空间信息流。 其次,采用双向生成对抗网络模型进行异常检测,使用转换后的流量图像对模型进行训练,同时引入最小 Wasserstein 距离和梯度惩罚技术,解决模型训练中模式崩塌和不稳定问题。 实验结果表明:所提方法在 NSL-KDD、UNSW-NB15、CICIDIS2017 数据集上的检测精度分别为 97. 4%,92. 3%,94. 8%,召回率分别为 97. 2%,93. 1%,95. 6%,F1 值分别为 97. 3%,93. 0%,95. 2%,效果均优于其他方法。
Abstract:
Address issues such as the inadequate consideration of inter-feature correlations in existing intrusion detection methods and the need for improved detection accuracy on high-dimensional discrete datasets, a network intrusion detection method MBGAN based on spatial features and generative adversarial networks was proposed. Initially, a transformation approach was devised to convert one-dimensional data into two-dimensional grayscale images, enabling convolutional kernels to capture richer contextual information. Subsequently, a bidirectional generative adversarial network model was employed for anomaly detection. The model was trained using network traffic images, incorporating the minimum Wasserstein distance and gradient penalty techniques to mitigate mode collapseand instability during generative adversarial network training. Experimental verification showed that the detection accuracy of the proposed method on the NSL-KDD, UNSW-NB15 and CICIDIS2017 datasets was 97. 4%, 92. 3% and94. 8%, the recall rates were 97. 2%, 93. 1% and 95. 6%, and the F1 were 97. 3%, 93. 0% and 95. 2%, respectively, which were better than those of other methods.

参考文献/References:

[1] AHMED M, MAHMOOD A N, HU J K. A survey of network anomaly detection techniques [ J] . Journal of Network and Computer Applications, 2016, 60(C) : 19-31.

[2] FERRAG M A, MAGLARAS L, MOSCHOYIANNIS S,et al. Deep learning for cyber security intrusion detection: approaches, datasets, and comparative study [ J] .Journal of Information Security and Applications, 2020,50(C) :102419.
[3] ZHANG X Q, YANG F, HU Y, et al. RANet: networkintrusion detection with group-gating convolutional neuralnetwork[ J] . Journal of Network and Computer Applications, 2022, 198: 103266.
[4] AL-HAWAWREH M, MOUSTAFA N, GARG S, et al.Deep learning-enabled threat intelligence scheme in theinternet of things networks [ J ] . IEEE Transactions onNetwork Science and Engineering, 2021, 8( 4) : 2968 -2981.
[5] 张安琳, 张启坤, 黄道颖, 等. 基于 CNN 与 BiGRU 融合神经网络的入侵检测模型[ J] . 郑州大学学报( 工学版) , 2022, 43(3) : 37-43.
ZHANG A L, ZHANG Q K, HUANG D Y, et al. Intrusion detection model based on CNN and BiGRU fusedneural network [ J ] . Journal of Zhengzhou University(Engineering Science) , 2022, 43(3) : 37-43.
[6] GOODFELLOW I J, POUGET-ABADIE J, MIRZA M, etal. Generative adversarial networks[EB / OL]. (2014-06-10) [2024-01-10] . http:∥arxiv. org / abs/ 1406. 2661.
[7] DIVYA S, JIANNONG C. Generative adversarial networks (GANs) : challenges, solutions, and future directions[ J] . ACM Computing Surveys, 2022,54(3) :1-42.
[8] ZHOU N R, ZHANG T F, XIE X W, et al. Hybrid quantum-classical generative adversarial networks for imagegeneration via learning discrete distribution [ J ]. SignalProcessing: Image Communication, 2023, 110: 116891.
[9] FRID-ADAR M, KLANG E, AMITAI M, et al. Synthetic data augmentation using GAN for improved liver lesionclassification[C]∥2018 IEEE 15th International Symposium on Biomedical Imaging ( ISBI 2018 ) . Piscataway:IEEE, 2018: 289-293.
[10] ISOLA P, ZHU J Y, ZHOU T H, et al. Image-to-imagetranslation with conditional adversarial networks [ C ] ∥2017 IEEE Conference on Computer Vision and PatternRecognition ( CVPR) . Piscataway: IEEE, 2017: 5967 -5976.
[11] ZHU J Y, PARK T, ISOLA P, et al. Unpaired image-to-image translation using cycle-consistent adversarial networks[C]∥2017 IEEE International Conference on Computer Vision ( ICCV) . Piscataway: IEEE, 2017: 2242 -2251.
[12] SCHLEGL T, SEEBÖCK P, WALDSTEIN S M, et al.Unsupervised anomaly detection with generative adversarial networks to guide marker discovery [EB / OL]. ( 2017 -03-17)[2024-01-10]. http:∥arxiv. org / abs/ 1703. 05921.
[13] LI D, CHEN D C, JIN B H, et al. MAD-GAN: multivariate anomaly detection for time series data with generativeadversarial networks[C]∥Artificial Neural Networks andMachine Learning-ICANN 2019. New York:ACM, 2019:703-716.
[14] DONAHUE J, KRÄHENBÜHL P, DARRELL T. Adversarial feature learning[EB / OL] . (2017-04-03) [2024-01-10] . http:∥arxiv. org / abs/ 1605. 09782.
[15] GEIGER A, LIU D Y, ALNEGHEIMISH S, et al.TadGAN: time series anomaly detection using generativeadversarial networks[ C]∥2020 IEEE International Conference on Big Data. Piscataway: IEEE, 2020: 33-43.
[16] 刘拥民, 杨钰津, 罗皓懿, 等. 基于双向循环生成对抗网络的无线传感网入侵检测方法[ J] . 计算机应用,2023, 43(1) : 160-168.
LIU Y M, YANG Y J, LUO H Y, et al. Intrusion detection method for wireless sensor network based on bidirectional circulation generative adversarial network[ J] . Journal of Computer Applications, 2023, 43(1): 160-168.
[17] 胡梦娜, 何强, 贾俊铖, 等. EB-GAN: 基于 BiGAN 的网络流 量 异 常 检 测 方 法 [ J] . 计 算 机 应 用 与 软 件,2023, 40(6) : 303-309.
HU M N, HE Q, JIA J C, et al. EB-GAN: network traffic anomaly detection method based on BiGAN[ J] . Computer Applications and Software, 2023, 40 ( 6 ) : 303-309.
[18] SONG J Y, PAUL R, YUN J H, et al. CNN-based anomaly detection for packet payloads of industrial controlsystem [ J ] . International Journal of Sensor Networks,2021, 36(1) : 36-49.
[19] ANDRESINI G, APPICE A, MALERBA D. Nearestcluster-based intrusion detection through convolutionalneural networks [ J] . Knowledge-Based Systems, 2021,216: 106798.
[20] LI Z P, QIN Z, HUANG K, etal. Intrusion detection using convolutional neural networks for representationlearning[C]∥Neural Information Processing: 24th International Conference. New York:ACM, 2017: 858-866.
[21] KIM T, SUH S C, KIM H, et al. An encoding techniquefor CNN-based network anomaly detection [ C ] ∥2018IEEE International Conference on Big Data. Piscataway:IEEE, 2018: 2960-2965.
[22] VAN DER MAATEN L, HINTON G. Viualizing data using T-SNE[ J] . Journal of Machine Learning Research,2008,9(2605) : 2579-2605.
[23] PREPARATA F P, HONG S J. Convex hulls of finitets of points in two and three dimensions[ J] . Communications of the ACM, 1977, 20(2) : 87-93.
[24] VERGARA J R, ESTÉVEZ P A. A review of feature selection methods based on mutual information[ J] . NeuralComputing and Applications, 2014, 24(1) : 175-186.
[25] RUBNER Y, TOMASI C, GUIBAS L J. The earth mover′sdistance as a metric for image retrieval[ J] . InternationalJournal of Computer Vision, 2000,40(2) :99-121.
[26] GULRAJANI I, AHMED F, ARJOVSKY M, et al. Improved training of Wasserstein GANs[ C]∥Proceedings ofthe 31st International Conference on Neural InformationProcessing Systems. New York:ACM, 2017: 5769-5779.
[27] LICHMAN M. UCI machine learning repository [ EB /OL] . [ 2024 - 01 - 10 ] . https:∥www. unb. ca / cic / datasets/ nsl. html.
[28] MOUSTAFA N,SLAY J. UNSW-NB15: a comprehensivedataset for network intrusion detection systems[ C]∥ Proceedings of the 2015 Military Communicationsand Information Systems Conference. Piscataway: IEEE,2015:1-6.
[29] IMAN S, ARASH H, Ali G. Toward Generating a NewIntrusion Detection Dataset and Intrusion Traffic Characterization[EB / OL] . [2024-01-10] . https:∥specialsci.cn / detail / 4ff953c0- 6952 - 4916 - bc7d - 7c4d851f868e?resourceType = 0.
[30] ZHAI S F, CHENG Y, LU W N, et al. Deep structuredenergy based models for anomaly detection[C]∥Proceedings of the 33rd International Conference on InternationalConferenceon Machine Learning-Volume 48. New York:ACM, 2016: 1100-1109.
[31] ZENATI H, ROMAIN M, FOO C S, et al. Adversariallylearned anomaly detection[ C]∥2018 IEEE InternationalConference on Data Mining ( ICDM) . Piscataway:IEEE,2018: 727-736.

相似文献/References:

[1]尹宏伟,杭雨晴,胡文军.融合异常检测与区域分割的高效K-means 聚类算法[J].郑州大学学报(工学版),2024,45(03):80.[doi:10. 13705/ j. issn. 1671-6833. 2024. 03. 010]
 YIN Hongwei,HANG Yuqing,HU Wenjun.Efficient K-means with Region Segment and Outlier Detection[J].Journal of Zhengzhou University (Engineering Science),2024,45(06):80.[doi:10. 13705/ j. issn. 1671-6833. 2024. 03. 010]
[2]张 震,张思源,田鸿朋.基于改进多因子优化蝙蝠算法的网络入侵检测方法[J].郑州大学学报(工学版),2024,45(05):52.[doi:10.13705/j.issn.1671-6833.2024.05.015]
 ZHANG Zhen,ZHANG Siyuan,TIAN Hongpeng.Network Intrusion Detection Method Based on Improved Multi-factorialOptimization Bat Algorithm[J].Journal of Zhengzhou University (Engineering Science),2024,45(06):52.[doi:10.13705/j.issn.1671-6833.2024.05.015]

更新日期/Last Update: 2024-09-29