Adaptive network intrusion detection based on fuzzy rough set-based attribute reduction and GMM-LDA-based optimal cluster feature learning

Affiliation:

(1. College of Information Science and Engineering, Hu'nan Normal University, Changsha 410081, China; 2. Key Laboratory of Computing and Stochastic Mathematics, Ministry of Education, Hu'nan Normal University, Changsha 410081, China; 3. School of Information Science and Engineering, Central South University, Changsha 410083, China)

Corresponding author:

E-mail: xupf@hunnu.edu.cn

CLC number:

TP391.4

Funding:

National Natural Science Foundation of China (61501183, U1701261, 61771492); Natural Science Foundation of Hunan Province (2018JJ3349); Open Fund of the Key Laboratory of Image Information Processing and Intelligent Control, Ministry of Education (Huazhong University of Science and Technology) (IPIC2017-03).

    Abstract:

    Network intrusions are increasingly diverse, stealthy and fast-changing, so developing real-time network security monitoring systems with high flexibility and strong adaptability still faces severe challenges. To address this, an adaptive network intrusion detection (ANID) method is proposed, based on fuzzy rough set attribute reduction (FRS-AR) and Gaussian mixture model-linear discriminant analysis (GMM-LDA) optimal cluster feature learning (GMM-LDA-OCFL). First, an attribute reduction (AR) method based on the fuzzy rough set (FRS) information gain ratio is introduced to select the optimal attribute set of the network connection data automatically. Then, an optimal cluster feature learning method based on GMM-LDA is proposed to obtain the optimal feature representation of the normal pattern feature library and the intrusion pattern feature library. At the same time, an adaptive on-line update mechanism for the normal (abnormal) pattern feature library is introduced, so that the intrusion detection model can adapt to dynamic changes in the network environment. Intrusion detection results on the KDD99 data set and on a Nidsbench-based virtual network simulation platform show that the proposed ANID method adapts effectively to dynamic changes in the network environment and can detect the various intrusion behaviors in real network connection data in real time. Its performance is better than that of the intrusion detection methods currently in common use, and it has broad application prospects.

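Cite this article

刘金平, 张五霞, 唐朝晖, et al. Adaptive network intrusion detection based on fuzzy rough set-based attribute reduction and GMM-LDA-based optimal cluster feature learning[J]. Control and Decision, 2019, 34(2): 243-251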

History
  • Published online: 2019-01-23