基于人工蜂群算法的分布式入侵攻击检测系统
|
摘要
针对网络入侵攻击检测系统检测准确率与计算效率较低的问题,提出一种基于人工蜂群算法的分布式入侵攻击检测系统。将训练集划分为若干的子集,使用特征选择方法提取特征集中类内相关性高、类外相关性低的特征;对人工蜂群算法进行修改,通过引入全局搜索能力强的算法提高人工蜂群算法的性能;根据优化的特征子集与规则集对网络入侵攻击行为进行分类处理。基于网络入侵数据集的实验结果表明,该系统实现了较高的检测性能和计算效率。
Aiming at the problems of low detection accuracy and low computational efficiency of intrusion detection system of networks,we presented a distributed intrusion detection system of networks based on modified artificial bee colony. The training set was divided into several subsets,and we used feature selection methods to abstract the features of high inner-class correlation and low intra-class correlation. Then the artificial bee colony algorithm was modified,and the algorithm with strong global search capability was introduced to improve the performance of artificial bee colony algorithm. The intrusion attack behaviors of networks were classified based on the optimized feature sets and rule sets.Results of the experiment based on the datasets of networks intrusion indicated that the proposed system realizes a good detection performance and computational efficiency.
Aiming at the problems of low detection accuracy and low computational efficiency of intrusion detection system of networks,we presented a distributed intrusion detection system of networks based on modified artificial bee colony. The training set was divided into several subsets,and we used feature selection methods to abstract the features of high inner-class correlation and low intra-class correlation. Then the artificial bee colony algorithm was modified,and the algorithm with strong global search capability was introduced to improve the performance of artificial bee colony algorithm. The intrusion attack behaviors of networks were classified based on the optimized feature sets and rule sets.Results of the experiment based on the datasets of networks intrusion indicated that the proposed system realizes a good detection performance and computational efficiency.
引文
[1] 龚俭, 臧小东, 苏琪,等. 网络安全态势感知综述[J]. 软件学报, 2017, 28(4):1010-1026.
[2] 梁辰, 李成海, 周来恩. PCA-BP神经网络入侵检测方法[J]. 空军工程大学学报(自然科学版), 2016, 17(6):93-98.
[3] Hodo E, Bellekens X, Hamilton A, et al. Threat analysis of IoT networks using artificial neural network intrusion detection system[C]// International Symposium on Networks, Computers and Communications. IEEE, 2016:6865-6867.
[4] 王丹, 赵文兵, 丁治明. Web应用常见注入式安全漏洞检测关键技术综述[J]. 北京工业大学学报, 2016, 42(12):1822-1832.
[5] Müller V C. Fundamental issues of artificial intelligence[J]. Synthese Library, 2016, 3(1):112.
[6] 沈夏炯, 王龙, 韩道军. 人工蜂群优化的BP神经网络在入侵检测中的应用[J]. 计算机工程, 2016, 42(2):190-194.
[7] 杨可心, 桑永胜. 基于BP神经网络的DDoS攻击检测研究[J]. 四川大学学报(自然科学版), 2017, 54(1): 71-75.
[8] Lotfallahtabrizi P, Morgan Y. A novel host intrusion detection system using neural network[C]// IEEE, Computing and Communication Workshop and Conference. IEEE, 2018:124-130.
[9] 宋勇, 蔡志平. 一种基于信息论模型的入侵检测特征提取方法[J]. 电子科技大学学报, 2018, 47(2): 267-271.
[10] 刘云, 向婵, 王海花. 基于互信息的特征选择在入侵检测中的优化[J]. 西北大学学报(自然科学版), 2017, 47(5):666-673.
[11] Singh R, Kumar H, Singla R K. An intrusion detection system using network traffic profiling and online sequential extreme learning machine[J]. Expert Systems with Applications, 2015, 42(22):8609-8624.
[12] Kiran M S, Hakli H, Gunduz M, et al. Artificial bee colony algorithm with variable search strategy for continuous optimization[J]. Information Sciences, 2015, 300(C): 140-157.
[13] Abhaya, Kumar K. An efficient network intrusion detection system based on fuzzy C-means and support vector machine[C]// International Conference on Computer, Electrical & Communication Engineering. 2016:1-6.
[14] Ingre B, Yadav A. Performance analysis of NSL-KDD dataset using ANN[C]// International Conference on Signal Processing and Communication Engineering Systems. IEEE, 2015:92-96.
[15] Ripley B. tree: Classification and Regression Trees[J]. Wiley Interdisciplinary Reviews Data Mining & Knowledge Discovery, 2018, 1(1):14-23.
[16] Neshat M, Sepidnam G, Sargolzaei M, et al. Artificial fish swarm algorithm: a survey of the state-of-the-art, hybridization, combinatorial and indicative applications[J]. Artificial Intelligence Review, 2014, 42(4):965-997.
[17] Moustafa N, Slay J. UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set)[C]// Military Communications and Information Systems Conference. IEEE, 2015:1-6.
[18] Ambusaidi M, He X, Nanda P, et al. Building an intrusion detection system using a filter-based feature selection algorithm[J]. IEEE Transactions on Computers, 2016, 65(10):2986-2998.
[19] Ji S Y, Jeong B K, Choi S, et al. A multi-level intrusion detection method for abnormal network behaviors[J]. Journal of Network & Computer Applications, 2016, 62:9-17.
[20] Moustafa N, Creech G, Slay J. Big data analytics for intrusion detection system: statistical decision-making using finite dirichlet mixture models[M]//Data Analytics and Decision Support for Cybersecurity.Springer,Cham,2017:127-156.
[21] Tan Z, Jamdagni A, He X, et al. Detection of denial-of-service attacks based on computer vision techniques[J]. IEEE Transactions on Computers, 2015, 64(9): 2519-2533.
[22] Chen M H, Chang P C, Wu J L. A population-based incremental learning approach with artificial immune system for network intrusion detection[J]. Engineering Applications of Artificial Intelligence, 2016, 51: 171-181.
[2] 梁辰, 李成海, 周来恩. PCA-BP神经网络入侵检测方法[J]. 空军工程大学学报(自然科学版), 2016, 17(6):93-98.
[3] Hodo E, Bellekens X, Hamilton A, et al. Threat analysis of IoT networks using artificial neural network intrusion detection system[C]// International Symposium on Networks, Computers and Communications. IEEE, 2016:6865-6867.
[4] 王丹, 赵文兵, 丁治明. Web应用常见注入式安全漏洞检测关键技术综述[J]. 北京工业大学学报, 2016, 42(12):1822-1832.
[5] Müller V C. Fundamental issues of artificial intelligence[J]. Synthese Library, 2016, 3(1):112.
[6] 沈夏炯, 王龙, 韩道军. 人工蜂群优化的BP神经网络在入侵检测中的应用[J]. 计算机工程, 2016, 42(2):190-194.
[7] 杨可心, 桑永胜. 基于BP神经网络的DDoS攻击检测研究[J]. 四川大学学报(自然科学版), 2017, 54(1): 71-75.
[8] Lotfallahtabrizi P, Morgan Y. A novel host intrusion detection system using neural network[C]// IEEE, Computing and Communication Workshop and Conference. IEEE, 2018:124-130.
[9] 宋勇, 蔡志平. 一种基于信息论模型的入侵检测特征提取方法[J]. 电子科技大学学报, 2018, 47(2): 267-271.
[10] 刘云, 向婵, 王海花. 基于互信息的特征选择在入侵检测中的优化[J]. 西北大学学报(自然科学版), 2017, 47(5):666-673.
[11] Singh R, Kumar H, Singla R K. An intrusion detection system using network traffic profiling and online sequential extreme learning machine[J]. Expert Systems with Applications, 2015, 42(22):8609-8624.
[12] Kiran M S, Hakli H, Gunduz M, et al. Artificial bee colony algorithm with variable search strategy for continuous optimization[J]. Information Sciences, 2015, 300(C): 140-157.
[13] Abhaya, Kumar K. An efficient network intrusion detection system based on fuzzy C-means and support vector machine[C]// International Conference on Computer, Electrical & Communication Engineering. 2016:1-6.
[14] Ingre B, Yadav A. Performance analysis of NSL-KDD dataset using ANN[C]// International Conference on Signal Processing and Communication Engineering Systems. IEEE, 2015:92-96.
[15] Ripley B. tree: Classification and Regression Trees[J]. Wiley Interdisciplinary Reviews Data Mining & Knowledge Discovery, 2018, 1(1):14-23.
[16] Neshat M, Sepidnam G, Sargolzaei M, et al. Artificial fish swarm algorithm: a survey of the state-of-the-art, hybridization, combinatorial and indicative applications[J]. Artificial Intelligence Review, 2014, 42(4):965-997.
[17] Moustafa N, Slay J. UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set)[C]// Military Communications and Information Systems Conference. IEEE, 2015:1-6.
[18] Ambusaidi M, He X, Nanda P, et al. Building an intrusion detection system using a filter-based feature selection algorithm[J]. IEEE Transactions on Computers, 2016, 65(10):2986-2998.
[19] Ji S Y, Jeong B K, Choi S, et al. A multi-level intrusion detection method for abnormal network behaviors[J]. Journal of Network & Computer Applications, 2016, 62:9-17.
[20] Moustafa N, Creech G, Slay J. Big data analytics for intrusion detection system: statistical decision-making using finite dirichlet mixture models[M]//Data Analytics and Decision Support for Cybersecurity.Springer,Cham,2017:127-156.
[21] Tan Z, Jamdagni A, He X, et al. Detection of denial-of-service attacks based on computer vision techniques[J]. IEEE Transactions on Computers, 2015, 64(9): 2519-2533.
[22] Chen M H, Chang P C, Wu J L. A population-based incremental learning approach with artificial immune system for network intrusion detection[J]. Engineering Applications of Artificial Intelligence, 2016, 51: 171-181.