摘要
深度学习被广泛应用到入侵检测领域,但大多数研究的重点是通过改进算法提高入侵检测的准确率,却忽视了在实际应用中单个用户拥有的数据无法满足训练需求的问题。为了实现网络入侵检测模型在训练过程中保护用户隐私安全的同时,仍具有对网络流量数据检测异常的能力,提出一种基于联邦学习并融合深度残差网络(ResNet)和注意力机制的入侵检测模型FL-SEResNet(Federation Learning Squeeze-and-Excitation network ResNet)。在训练过程中,通过对数据压缩、解压、分发、加密和聚合等操作,可以在保护参与者数据隐私的同时,通过多方参与提供足够的训练数据。在NSL-KDD和UNSW-NB15数据集上,所提模型在多分类实验的识别准确率分别为84.22%和80.38%。在NSL-KDD上,与同属于联邦学习的CNN-FL相比,对多分类的识别准确率提升了1.82个百分点,对少数类R2L(Remote to Local)的识别准确率提升了24.94个百分点。
Deep learning is widely used in the field of intrusion detection,but most research has focused on improving the accuracy of intrusion detection through improved algorithms,ignoring the fact that the data owned by a single user cannot meet the training requirements in practical applications.For protecting user privacy and security during training while still detecting anomalies in network traffic data,an intrusion detection model based on federated learning and incorporating deep Residual Network(ResNet)and attention mechanism was proposed,called FL-SEResNet(Federation Learning Squeezeand-Excitation network ResNet).During the training process,the data was operated by the operations such as compressing,decompressing,distributing,encrypting,and aggregating,which could provide sufficient training data through multiple participants while protecting the privacy of participants data.The recognition accuracies of the multi-classification experiments on NSL-KDD and UNSW-NB15 datasets are 84.22%and 80.38%,respectively.For NSL-KDD dataset,compared with CNN-FL(Convolutional Neural Network-Federated Learning),which is also a federated learning,the recognition accuracy for the multiclassification was improved by 1.82 percentage points,and the recognition accuracy for the minority class R2L(Remote to Local)was improved by 24.94 percentage points.
作者
郑超
邬悦婷
肖珂
ZHENG Chao;WU Yueting;XIAO Ke(School of Information Science and Technology,North China University of Technology,Beijing 100144,China)
出处
《计算机应用》
CSCD
北大核心
2023年第S01期133-138,共6页
journal of Computer Applications
关键词
联邦学习
多标签学习
入侵检测
网络流量检测
卷积神经网络
federated learning
multi-label learning
intrusion detection
network traffic detection
Convolution Neural Network(CNN)