基于智能蝙蝠算法的异常数据检测方法
|
摘要
随着大数据应用的普及,网络攻击日益严重并已成为主要的网络安全问题。针对大数据环境下的网络攻击检测问题,设计一种融合聚类和智能蝙蝠算法(DEBA)的网络攻击检测系统。该系统将K-means算法与蝙蝠算法相结合进行数据流分类,实现了对异常数据的高效检测。实验结果显示,该系统的聚类准确率、算法耗时和误报率方面明显优于基于传统蝙蝠算法的K-means算法和单独K-means算法的网络异常数据检测方法。
With the popularity of big data applications, network attacks become more serious and become the main network security problems. Aiming at the problem of network attack detection in large data environment, a network attack detection system is designed, which combines clustering with intelligent bat algorithm(DEBA). The system combines K-means algorithm with bat algorithm to classify data stream, and achieves efficient detection of abnormal data. The experimental results show that the clustering accuracy, algorithm time-consuming and false alarm rate of the system are obviously better than the K-means algorithm based on the traditional bat algorithm and the K-means algorithm based on the single network anomaly detection method.
With the popularity of big data applications, network attacks become more serious and become the main network security problems. Aiming at the problem of network attack detection in large data environment, a network attack detection system is designed, which combines clustering with intelligent bat algorithm(DEBA). The system combines K-means algorithm with bat algorithm to classify data stream, and achieves efficient detection of abnormal data. The experimental results show that the clustering accuracy, algorithm time-consuming and false alarm rate of the system are obviously better than the K-means algorithm based on the traditional bat algorithm and the K-means algorithm based on the single network anomaly detection method.
引文
[1] XUE F, XU S, LUO Y T, et al. Design of digital camouflage by recursive overlapping of pattern templates[J]. Neurocomputing, 2015,172(C):262-270.
[2] BAYINDIR L. A review of swarm robotics tasks[J]. Neurocomputing, 2016,172(C):292-321.
[3] HAMAMOTO A H, SAMPAIO L D H, ABR?O T, et al. Network anomaly detection system using genetic algorithm and fuzzy logic[J]. Expert Systems with Applications, 2017,92:390-402.
[4] MENDON?A R M D, NEDJAH N, MOURELLE L D M. Efficient distributed algorithm of dynamic task assignment for swarm robotics[M]// Computational Science and Its Applications. Springer, Berlin, Heidelberg, 2013:500-510.
[5] PTACEK T H, NEWSHAM T N, SIMPSON H J. Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection[R]. Secure Networks Inc., 1998.
[6] SHEN X J, MU L, LI Z, et al. Large-scale support vector machine classification with redundant data reduction[J]. Neurocomputing, 2015,172(C):189-197.
[7] WANG K, STOLFO S J. Anomalous payload-based network intrusion detection[C]// International Workshop on Recent Advances in Intrusion Detection. Springer,Berlin, Heidelberg, 2004:203-222.
[8] MIRJALILI S, MIRJALILI S M, YANG X S. Binary bat algorithm[J]. Neural Computing & Applications, 2014,25(3-4):663-681.
[9] 徐鹏,姜凤茹. 粒子群算法和K近邻相融合的网络入侵检测[J]. 计算机工程与应用, 2014,50(11):95-98.
[10] 覃爱明,胡昌振,谭惠民. 数据挖掘技术在网络攻击检测中的应用[J]. 计算机工程与应用, 2002,38(11):177-180.
[11] 鞠秋文. PSO-SVM算法在网络入侵检测中的研究[J]. 计算机仿真, 2011,28(4):130-132.
[12] 刘智国,张雅明,林立忠. 基于粒子群LSSVM的网络入侵检测[J]. 计算机仿真, 2010,27(11):136-139.
[13] 肖国荣. 改进蚁群算法和支持向量机的网络入侵检测[J]. 计算机工程与应用, 2014,50(3):75-78.
[14] 颜谦和,颜珍平. 遗传算法优化的神经网络入侵检测系统[J]. 计算机仿真, 2011,28(4):141-144.
[15] 肖立中,SHAO Z Q,马汉华,等. 网络入侵检测中的自动决定聚类数算法[J]. 软件学报, 2008,19(8):2140-2148.
[16] 李辉,管晓宏,昝鑫,等. 基于支持向量机的网络入侵检测[J]. 计算机研究与发展, 2003,40(6):799-807.
[17] 华辉有,陈启买,刘海,等. 一种融合K-means和KNN的网络入侵检测算法[J]. 计算机科学, 2016,43(3):158-162.
[18] 胡威. 一种改进的K-means算法在网络入侵检测中的应用研究[D]. 合肥:合肥工业大学, 2017.
[19] 刘羿. 蝙蝠算法优化神经网络的网络入侵检测[J]. 计算机仿真, 2015,32(2):311-314.
[20] 彭泓,丁玉成. 基于遗传交叉因子的蝙蝠算法的改进[J]. 激光杂志, 2015(2):23-26.
[21] 陈志敏,吴盘龙,薄煜明,等. 基于自控蝙蝠算法智能优化粒子滤波的机动目标跟踪方法[J]. 电子学报, 2018,46(4):886-894.
[22] 肖辉辉,段艳明. 基于DE算法改进的蝙蝠算法的研究及应用[J]. 计算机仿真, 2014,31(1):272-277.
[23] 傅涛,孙文静. PSO-based K-means算法及其在网络入侵检测中的应用[J]. 计算机科学, 2013,40(11):137-139.
[24] 赵石真. 基于SVM的k-means聚类算法在WSN入侵检测中的应用[D]. 成都:西华大学, 2016.
[25] 韦海宇,王勇,柯文龙,等.基于改进极端随机树的异常网络流量分类方法[J/OL]. 计算机工程. (2017-12-22). http://kns.cnki.net/kcms/detail/31.1289.TP.20171220.1332.012.html.
[26] 马超.基于ReliefF和改进乌鸦搜索优化的并行入侵检测方法[J/OL]. 计算机应用研究. (2018-08-11). http://kns.cnki.net/kcms/detail/51.1196.TP.20180811.1341.098.html.
[2] BAYINDIR L. A review of swarm robotics tasks[J]. Neurocomputing, 2016,172(C):292-321.
[3] HAMAMOTO A H, SAMPAIO L D H, ABR?O T, et al. Network anomaly detection system using genetic algorithm and fuzzy logic[J]. Expert Systems with Applications, 2017,92:390-402.
[4] MENDON?A R M D, NEDJAH N, MOURELLE L D M. Efficient distributed algorithm of dynamic task assignment for swarm robotics[M]// Computational Science and Its Applications. Springer, Berlin, Heidelberg, 2013:500-510.
[5] PTACEK T H, NEWSHAM T N, SIMPSON H J. Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection[R]. Secure Networks Inc., 1998.
[6] SHEN X J, MU L, LI Z, et al. Large-scale support vector machine classification with redundant data reduction[J]. Neurocomputing, 2015,172(C):189-197.
[7] WANG K, STOLFO S J. Anomalous payload-based network intrusion detection[C]// International Workshop on Recent Advances in Intrusion Detection. Springer,Berlin, Heidelberg, 2004:203-222.
[8] MIRJALILI S, MIRJALILI S M, YANG X S. Binary bat algorithm[J]. Neural Computing & Applications, 2014,25(3-4):663-681.
[9] 徐鹏,姜凤茹. 粒子群算法和K近邻相融合的网络入侵检测[J]. 计算机工程与应用, 2014,50(11):95-98.
[10] 覃爱明,胡昌振,谭惠民. 数据挖掘技术在网络攻击检测中的应用[J]. 计算机工程与应用, 2002,38(11):177-180.
[11] 鞠秋文. PSO-SVM算法在网络入侵检测中的研究[J]. 计算机仿真, 2011,28(4):130-132.
[12] 刘智国,张雅明,林立忠. 基于粒子群LSSVM的网络入侵检测[J]. 计算机仿真, 2010,27(11):136-139.
[13] 肖国荣. 改进蚁群算法和支持向量机的网络入侵检测[J]. 计算机工程与应用, 2014,50(3):75-78.
[14] 颜谦和,颜珍平. 遗传算法优化的神经网络入侵检测系统[J]. 计算机仿真, 2011,28(4):141-144.
[15] 肖立中,SHAO Z Q,马汉华,等. 网络入侵检测中的自动决定聚类数算法[J]. 软件学报, 2008,19(8):2140-2148.
[16] 李辉,管晓宏,昝鑫,等. 基于支持向量机的网络入侵检测[J]. 计算机研究与发展, 2003,40(6):799-807.
[17] 华辉有,陈启买,刘海,等. 一种融合K-means和KNN的网络入侵检测算法[J]. 计算机科学, 2016,43(3):158-162.
[18] 胡威. 一种改进的K-means算法在网络入侵检测中的应用研究[D]. 合肥:合肥工业大学, 2017.
[19] 刘羿. 蝙蝠算法优化神经网络的网络入侵检测[J]. 计算机仿真, 2015,32(2):311-314.
[20] 彭泓,丁玉成. 基于遗传交叉因子的蝙蝠算法的改进[J]. 激光杂志, 2015(2):23-26.
[21] 陈志敏,吴盘龙,薄煜明,等. 基于自控蝙蝠算法智能优化粒子滤波的机动目标跟踪方法[J]. 电子学报, 2018,46(4):886-894.
[22] 肖辉辉,段艳明. 基于DE算法改进的蝙蝠算法的研究及应用[J]. 计算机仿真, 2014,31(1):272-277.
[23] 傅涛,孙文静. PSO-based K-means算法及其在网络入侵检测中的应用[J]. 计算机科学, 2013,40(11):137-139.
[24] 赵石真. 基于SVM的k-means聚类算法在WSN入侵检测中的应用[D]. 成都:西华大学, 2016.
[25] 韦海宇,王勇,柯文龙,等.基于改进极端随机树的异常网络流量分类方法[J/OL]. 计算机工程. (2017-12-22). http://kns.cnki.net/kcms/detail/31.1289.TP.20171220.1332.012.html.
[26] 马超.基于ReliefF和改进乌鸦搜索优化的并行入侵检测方法[J/OL]. 计算机应用研究. (2018-08-11). http://kns.cnki.net/kcms/detail/51.1196.TP.20180811.1341.098.html.