摘要
针对目前网络中存在的对已知攻击类型的入侵检测具有较高的检测率,但对新出现的攻击类型难以识别的缺陷问题,提出了一种基于优化数据处理的深度信念网络(DBN)模型的入侵检测方法。该方法在不破坏已学习过的知识和不严重影响检测实时性的基础上,分别对数据处理和方法模型进行改进,以解决上述问题。首先,将经过概率质量函数(PMF)编码和MaxMin归一化处理的数据应用于DBN模型中;然后,通过固定其他参数不变而变化一种参数和交叉验证的方式选择相对最优的DBN结构对未知攻击类型进行检测;最后,在NSL-KDD数据集上进行了验证。实验结果表明,数据的优化处理能够使DBN模型提高分类精度,基于DBN的入侵检测方法具有良好的自适应性,对未知样本具有较高的识别能力。在检测实时性上,所提方法与支持向量机(SVM)算法和反向传播(BP)网络算法相当。
Those well-known types of intrusions can be detected with higher detection rate in the network at present, but it is very difficult to detect those new unknown types of network intrusions. In order to solve the problem, a network intrusion detection method of Deep Belief Network (DBN) model based on optimization of data processing was proposed. The data processing and method model were improved respectively without destroying the existing knowledge and increasing detection time seriously to solve the above problem. Firstly, the data processed by Probability Mass Function (PMF) encoding and MaxMin normalization was applied to the DBN model. Then, the relatively optimal DBN structure was selected through fixing other parameters, changing a parameter and the cross validation. Finally, the proposed method was tested on the benchmark NSL-KDD dataset. The experimental results show that, the optimization of data processing can improve the classification accuracy of the DBN model, the proposed intrusion detection method based on DBN has good adaptability and higher recognition ability of Unknown samples. The detection time of DBN algorithm is similar to that of Support Vector Machine (SVM) algorithm and Back Propagation (BP) neural network model.
出处
《计算机应用》
CSCD
北大核心
2017年第6期1636-1643,1656,共9页
journal of Computer Applications
基金
辽宁省教育厅科学技术研究项目(LJYL052)~~
关键词
入侵检测
优化数据处理
深度学习
深度信念网络
未知攻击检测
intrusion detection
optimization of data processing
deep learning
Deep Belief Network (DBN)
unknownattack detection