期刊文献+

DCVAE与DPC融合的网络入侵检测模型研究 被引量:1

Research on Network Intrusion Detection Model Combining DCVAE and DPC
下载PDF
导出
摘要 入侵检测是主动防御网络中攻击行为的技术,以往入侵检测模型因正常网络流量与未知攻击内在特征区分度不足,导致对未知攻击识别率不够高,本文设计基于判别条件变分自编码器与密度峰值聚类算法的入侵检测模型(DCVAE-DPC).利用判别条件变分自编码器能够生成指定类别样本的能力,学习正常网络流量特征的隐空间表示并计算其重建误差,增加其与未知攻击间的特征区分度,并使用密度峰值聚类算法求出正常网络流量重建误差的分布,提高未知攻击识别率.实验结果表明,在NSL-KDD数据集中与当前流行的入侵检测模型相比,模型的分类准确率可以达到97.08%,具有更高的未知攻击检测能力,面对当前复杂网络环境,有更强的入侵检测性能. Intrusion detection is a technology that actively defends malicious attacks in the network.In the past,intrusion detection model had an insufficient recognition rate of unknown attack because of the insufficient feature discrimination between normal network traffics and unknown attacks.In this paper,an intrusion detection model(DCVAE-DPC)based on discriminative conditional variational autoencoder and density peak clustering algorithm is designed.Using the ability of discriminative conditional variational autoencoder to generate samples of specific categories,learn the latent space representation of normal network traffic features and calculate their reconstruction errors,increase the feature discrimination between normal network traffics and unknown attacks,and then use density peak clustering algorithm to find the distribution of the reconstruction errors of normal network traffic and improve the recognition rate of unknown attacks.The experimental results show that in NSL-KDD dataset,compared with the state-of-art intrusion detection system,the classification accuracy of the model can reach 97.08%,and it has higher unknown attacks detection ability.Facing current complex network environment,it has higher intrusion detection performance.
作者 李登辉 葛丽娜 王哲 樊景威 张壕 LI Denghui;GE Lina;WANG Zhe;FAN Jingwei;ZHANG Hao(School of Artificial Intelligence,Guangxi Minzu University,Nanning 530006,China;Guangxi Key Laboratory of Hybrid Computation and IC Design Analysis,Nanning 530006,China)
出处 《小型微型计算机系统》 CSCD 北大核心 2024年第4期998-1006,共9页 Journal of Chinese Computer Systems
基金 国家自然科学基金项目(61862007)资助 广西自然科学基金项目(t 2020GXNSFBA297103)资助.
关键词 入侵检测 判别条件变分自编码器 密度峰值聚类算法 未知攻击识别 细粒度攻击分类 intrusion detection discriminative conditional variational autoencoder density peak clustering algorithm identifying unknown type attacks fine-grained attack classification
  • 相关文献

参考文献7

二级参考文献50

共引文献60

同被引文献5

引证文献1

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部