基于内外卷积网络的网络入侵检测

doi:10.13190/j.jbupt.2021-007

北京邮电大学学报 ›› 2021, Vol. 44 ›› Issue (5): 94-100.doi: 10.13190/j.jbupt.2021-007

基于内外卷积网络的网络入侵检测

王艺霏¹, 莫爽², 吴文睿², 范少华², 肖丁²

1. 国网冀北电力有限公司信息通信分公司, 北京 100054;
2. 北京邮电大学计算机学院(国家示范性软件学院), 北京 100876

收稿日期:2021-07-07 出版日期:2021-10-28 发布日期:2021-09-06
通讯作者: 肖丁(1966-),男,讲师,dxiao@bupt.edu.cn. E-mail:dxiao@bupt.edu.cn
作者简介:王艺霏(1988-),女,工程师.
基金资助:
基于全业务统一数据中心的数据融合及可视化关键技术研究项目（52018E18006N）

Internal-External Convolutional Networks for Network Intrusion Detection

WANG Yi-fei¹, MO Shuang², WU Wen-rui², FAN Shao-hua², XIAO Ding²

1. State Grid Jibei Information and Telecommunication Company, Beijing 100054, China;
2. School of Computer Science (National Pilot Software Engineering School), Beijing University of Posts and Telecommunications, Beijing 100876, China

Received:2021-07-07 Online:2021-10-28 Published:2021-09-06

摘要/Abstract

摘要： 网络入侵检测通过分析流量特征来区分正常和异常的网络行为以实现入侵流量的检测，是网络安全领域的重要研究课题.针对已有入侵检测模型特征提取过程复杂、信息提取不足等问题，提出了一种基于内外卷积网络的入侵检测模型.首先使用一维卷积神经网络提取流量数据的内部特征，然后通过对内部特征计算相似度建模得到无向同质图，此外将流量在外部网络侧的通信行为建模为有向异质图，并对两图使用图卷积网络学习包含网络流量多种交互行为的嵌入向量，最后将学习到的流量嵌入向量输入到分类器中用于最终的分类.实验结果表明，所提模型的检测准确率和误报率均优于对比模型.

关键词: 入侵检测, 深度学习, 图卷积网络, 卷积神经网络

Abstract: Network intrusion detection is an important research topic in the field of network security which is used to distinguish normal and abnormal network behaviors by analyzing traffic characteristics to realize intrusion traffic detection. To solve the problems of the complex feature extraction process,and insufficient information extraction in existing intrusion detection models,an intrusion detection model based on internal and external convolutional networks is proposed. Firstly,an one-dimensional convolutional neural network is used to extract the internal features of the traffic data. Then, an undirected homogeneous graph is obtained by calculating the similarity of the internal features. In addition the communication behavior of the traffic on the external network side is modeled as a directed heterogeneous graph,and graph convolutional network is used to learn embedding containing multiple interactive behaviors of network traffic from two graghs. Finally, the learned flow embedding is input into the classifier for final classification. Experimental results show that compared with existing methods,the detection accuracy and false alarm rate of the proposed model are better than those of the compared models.

Key words: intrusion detection, deep learning, graph convolutional network, convolutional neural network

中图分类号:

TP393

王艺霏, 莫爽, 吴文睿, 范少华, 肖丁. 基于内外卷积网络的网络入侵检测[J]. 北京邮电大学学报, 2021, 44(5): 94-100.

WANG Yi-fei, MO Shuang, WU Wen-rui, FAN Shao-hua, XIAO Ding. Internal-External Convolutional Networks for Network Intrusion Detection[J]. Journal of Beijing University of Posts and Telecommunications, 2021, 44(5): 94-100.

参考文献

[1] Cui Zhihua, Xu Xianghua, Fei Xue, et al. Personalized recommendation system based on collaborative filtering for IoT scenarios[J]. IEEE Transactions on Services Computing, 2020, 13(4):685-695.
[2] Pazzani M J, Billsus D. Content-based recommendation systems[M]. Heidelberg:Lecture Notes in Computer Science, 2007:15-16.
[3] Cheng Zhiyong, Ding Ying, Zhu Lei, et al. Aspectaware latent factor model:rating prediction with ratings and reviews[C]//International Conference on World Wide Web Conference. Lyon:WWW, 2018:639-648.
[4] Koren Y, Bell R, Volinsky C. Matrix factorization techniques for recommender systems[J]. Computer, 2009, 42(8):30-37.
[5] Yue Xiang, Wang Zhen, Huang Jingong, et al. Graph embedding on biomedical networks:methods, applications and evaluations[J]. Bioinformatics, 2020, 36(4):1241-1251.
[6] Defferrard M, Bresson X, Vandergheynst P. Convolutional neural networks on graphs with fast localized spectral filtering[J]. Advances in Neural Information Processing Systems, 2016, 29(1):3844-3852.
[7] Zhang Chuxu, Song Dongjin, Huang Chao, et al. Heterogeneous graph neural network[C]//25th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining. Anchorage:ACM, 2019:793-803.
[8] Wang Xiang, He Xiangnan, Wang Meng, et al. Neural graph collaborative filtering[C]//ACM SIGIR Conference on Research and Development in Information Retrieval. Paris:ACM, 2019:165-174.
[9] Wu F, Souza A, Zhang Tianyi, et al. Simplifying graph convolutional networks[C]//ICML 2019:Proceedings of 2019 International Conference on Machine Learning. California:ICML, 2019:6861-6871.
[10] He Xiangnan, Deng Kuan, Wang Xiang, et al. LightGCN:simplifying and powering graph convolution network for recommendation[C]//ACM SIGIR Conference on Research and Development in Information Retrieval. Salamanca:Computer Science, 2020:639-648.
[11] Berg R, Kipf T N, Welling M. Graph convolutional matrix completion[C]//KDD'18 Deep Learning Day. London:ACM, 2018:161-168.
[12] Mikolov T, Sutskever I, Chen K, et al. Distributed representations of words and phrases and their compositionality[C]//Advances in Neural Information Proce-ssing Systems. Nevada:NIPS, 2013:3111-3119.
[13] Zhao Cheng, Li Chenliang, Fu Cong. Cross-domain recommendation via preference propagation graphnet[C]//28th ACM International Conference on Information and Knowledge Management. Beijing:ACM, 2019:2165-2168.
[14] Harper F M, Konstan J A. The movielens datasets:history and context[J]. ACM Transactions on Interactive Intelligent Systems (TIIS), 2015, 5(4):1-19.
[15] Monti F, Bronstein M, Bresson X. Geometric matrix completion with recurrent multi-graph neural networks[C]//Advances in Neural Information Processing Systems. Long Beach:NIPS, 2017:3697-3707.

基于内外卷积网络的网络入侵检测

Internal-External Convolutional Networks for Network Intrusion Detection

RichHTML

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

本文评价

[1]	刘阳, 滕颖蕾, 牛涛, 郅佳琳. 基于深度强化学习的滤波器剪枝方案[J]. 北京邮电大学学报, 2023, 46(3): 31-36.
[2]	靳梦凡, 黄智濒, 储志强. 复杂环境下多模态指导的点云补全方法[J]. 北京邮电大学学报, 2023, 46(3): 103-108.
[3]	黄跃珍戴晶帼张承业魏东. 基于关联图关键边发现的人脸图像聚类算法[J]. 北京邮电大学学报, 2023, 46(1): 97-102.
[4]	荣震宇刘建毅. 基于Transformer和MLP的眼底血管分割算法[J]. 北京邮电大学学报, 2023, 46(1): 26-31.
[5]	余佳润王亚峰. 一种低信噪比下基于深度学习的DoA估计方法[J]. 北京邮电大学学报, 2022, 45(6): 119-125.
[6]	叶康张淑军郭淇李辉崔雪红. 基于CM-Transformer的连续手语识别[J]. 北京邮电大学学报, 2022, 45(5): 49-53,78.
[7]	刘金桐, 杨国兴, 刘晓鸿, 王光宇. 针对心电图分类模型的平滑攻击算法[J]. 北京邮电大学学报, 2022, 45(4): 44-50.
[8]	黄柳婷, 刘可欣, 牛凯, 常春, 贺志强. 基于深度学习的哮喘患者CT影像黏液栓自动识别[J]. 北京邮电大学学报, 2022, 45(4): 58-63.
[9]	武兴坤, 罗涛, 刘爱军, 杨明, 张文静. 面向主动脉缩窄辅助诊断的神经网络模型设计[J]. 北京邮电大学学报, 2022, 45(4): 1-6.
[10]	武兴坤罗涛刘爱军杨明张文静李剑峰李文秀. 面向主动脉缩窄辅助诊断的神经网络模型设计[J]. 北京邮电大学学报, 2022, 45(4): 1-6.
[11]	柳长源, 虎浩媛, 毕晓君. 双线性融合网络的驾驶员分心行为识别[J]. 北京邮电大学学报, 2022, 45(2): 79-84.
[12]	许同乐, 孟良, 孔晓佳, 苏元浩, 孙砚飞. 基于EEMD的ICNN故障诊断方法[J]. 北京邮电大学学报, 2022, 45(2): 110-116.
[13]	李晓辉, 王先文, 樊韬, 刘佳文, 万宏杰. 基于卷积神经网络的高性能5G下行同步算法[J]. 北京邮电大学学报, 2022, 45(2): 117-123.
[14]	王靖, 姜竹青, 门爱东, 郭晓强, 王智康. 阶梯式图像去噪方法[J]. 北京邮电大学学报, 2022, 45(1): 52-57.
[15]	赵海英, 朱会, 侯小刚. 基于改进EMA单元的传统服饰图像语义分割[J]. 北京邮电大学学报, 2022, 45(1): 69-74.