| 引用本文: | 丁红卫,万良,龙廷艳.深度自编码网络在入侵检测中的应用研究[J].哈尔滨工业大学学报,2019,51(5):185.DOI:10.11918/j.issn.0367-6234.201809115 |
| DING Hongwei,WAN Liang,LONG Tingyan.Research on the application of deep auto-encoder network in intrusion detection[J].Journal of Harbin Institute of Technology,2019,51(5):185.DOI:10.11918/j.issn.0367-6234.201809115 |
|
| 摘要: |
| 当前网络环境下的网络数据呈现出比以往更为庞大、复杂和多维的特性,传统的机器学习方法面临复杂的高维数据需要手动提取大量特征,特征提取过程复杂且计算量大,不利于当前入侵检测实时性和准确性的要求.基于此,以降低数据维度和消除冗余信息为目的,综合利用深度自编码网络(DAN)和BP算法,提出了基于DAN-BP的入侵检测模型.首先通过叠加多个自编码网络构成深度自编码网络模型,将网络特征数据作为模型的输入,使模型能够智能的逐层抽取网络数据的分布规则,从而获得新的低维特征数据集;然后利用BP算法对学习到的低维数据进行分类识别.文中通过在自编码网络中加入正则化修正,防止训练出的自编码网络直接复制输入信息而影响训练效果;且在输入数据中添加噪声,通过学习原始数据和输出数据重构误差达到去噪的目的,从而使得学习到的新的特征数据具有更强的鲁棒性.对比了传统的降维方法和当前入侵检测方法,结果表明本文方法在分类准确率、误报率和检测速率上均具有较优的效果. |
| 关键词: 入侵检测 深度自编码网络 BP算法 降维 自编码网络 |
| DOI:10.11918/j.issn.0367-6234.201809115 |
| 分类号:TP393 |
| 文献标识码:A |
| 基金项目:贵州省科学基金黔科合LH字[2014](7634) |
|
| Research on the application of deep auto-encoder network in intrusion detection |
|
DING Hongwei1,2,WAN Liang1,2,LONG Tingyan1,2
|
|
(1.College of Computer Science and Technology, Guizhou University, Guiyang 550025, China; 2. Institute of Computer Software and Theory, Guizhou University, Guiyang 550025, China)
|
| Abstract: |
| The network data in the current network environment is enormous, complex, and multidimensional, which is hugely different from the past. The traditional machine learning method needs to manually extract a large number of features in the face of complex high-dimensional data, and the process is complex and computationally intensive, which is not conducive to the current real-time and accuracy requirements of intrusion detection. Thus, in order to reduce the data dimension and eliminate redundant information, an intrusion detection method based on DAN-BP which combines deep auto-encoder network (DAN) and BP algorithm is proposed. First, a DAN model was constructed by overlaying several auto-encoder networks, and the network feature data was used as the input of the model, which enables the model to intelligently extract the distribution rules of the network data layer by layer, thereby obtaining a new low-dimensional feature data set. Then the low-dimensional data was classified and identified by the BP algorithm. In this research, the regularization correction was added to the auto-encoder network to prevent the trained auto-encoder network from directly copying the input information and influencing the training effect. Moreover, noise was added to the input data, and the reconstruction error of the original data and the output data was learned to achieve the purpose of denoising so that the learned new feature data is more robust. The traditional dimensionality reduction method and the proposed intrusion detection method were compared in this paper. Results show that the proposed method has better performance in classification accuracy, false alarm rate, and detection rate. |
| Key words: intrusion detection deep auto-encoder network (DAN) BP algorithm dimensionality reduction auto-encoder network 〖FQ(+20mm。22,ZX-W〗收稿日期: 2018-09-17 基金项目: 贵州省科学基金黔科合LH字[2014](7634) 作者简介: 丁红卫(1992—),男,硕士研究生 通信作者: 万良,wanliangtr@163.com |
