高级搜索

留言板

尊敬的读者、作者、审稿人, 关于本刊的投稿、审稿、编辑和出版的任何问题, 您可以本页添加留言。我们将尽快给您答复。谢谢您的支持!

姓名
邮箱
手机号码
标题
留言内容
验证码

基于循环神经网络的无线网络入侵检测分类模型构建与优化研究

陈红松 陈京九

陈红松, 陈京九. 基于循环神经网络的无线网络入侵检测分类模型构建与优化研究[J]. 电子与信息学报, 2019, 41(6): 1427-1433. doi: 10.11999/JEIT180691
引用本文: 陈红松, 陈京九. 基于循环神经网络的无线网络入侵检测分类模型构建与优化研究[J]. 电子与信息学报, 2019, 41(6): 1427-1433. doi: 10.11999/JEIT180691
Hongsong CHEN, Jingjiu CHEN. Recurrent Neural Networks Based Wireless Network Intrusion Detection and Classification Model Construction and Optimization[J]. Journal of Electronics & Information Technology, 2019, 41(6): 1427-1433. doi: 10.11999/JEIT180691
Citation: Hongsong CHEN, Jingjiu CHEN. Recurrent Neural Networks Based Wireless Network Intrusion Detection and Classification Model Construction and Optimization[J]. Journal of Electronics & Information Technology, 2019, 41(6): 1427-1433. doi: 10.11999/JEIT180691

基于循环神经网络的无线网络入侵检测分类模型构建与优化研究

doi: 10.11999/JEIT180691
基金项目: 国家重点研发计划(2018YFB0803400, 2018YFB0803403),国家社科基金(18BGJ071)
详细信息
    作者简介:

    陈红松:男,1977年生,副教授,研究方向为网络空间安全、大数据与机器学习算法应用、云计算与物联网安全

    陈京九:男,1994年生,硕士生,研究方向为网络空间安全

    通讯作者:

    陈红松 chenhs@ustb.edu.cn

  • 中图分类号: TP393.08; TP183

Recurrent Neural Networks Based Wireless Network Intrusion Detection and Classification Model Construction and Optimization

Funds: The National Key Research Development Program (2018YFB0803400, 2018YFB0803403), The National Social Science Foundation of China (18BGJ071)
  • 摘要: 为提高无线网络入侵检测模型的综合性能,该文将循环神经网络(RNN)算法用于构建无线网络入侵检测分类模型。针对无线网络入侵检测训练数据样本分布不均衡导致分类模型出现过拟合的问题,在对原始数据进行清洗、转换、特征选择等预处理基础上,提出基于窗口的实例选择算法精简训练数据集。对攻击分类模型的网络结构、激活函数和可复用性进行综合优化实验,得到最终优化模型,分类准确率达到98.6699%,综合优化后的运行时间为9.13 s。与其他机器学习算法结果比较,该优化方法在分类准确率和执行效率两个方面取得了很好的效果,综合性能优于传统的入侵检测分类模型。
  • 图  1  无线网络入侵检测分类模型的构建与优化流程

    图  2  展开的循环神经网络

    图  3  循环神经网络参数计算

    图  4  训练模型核心代码

    图  5  LSTM单元内部结构

    表  1  最重要的20维特征重要性得分

    特征名特征重要性得分特征名特征重要性得分
    frame.len0.8671RA0.6850
    SA0.7897Subtype0.6506
    wep.iv0.7764type_sub0.6373
    TA0.7587reason_c0.6327
    wep.icv0.7458wep.key0.6161
    DA0.7365bssid0.5971
    DS0.7283Pwrmgt0.5872
    Duration0.7135type.cck0.5866
    RSS0.7112Protected0.5865
    Seq0.7100Datarate0.5860
    下载: 导出CSV

    表  2  SamSelect伪代码

     算法1 基于窗口的实例选择算法 SamSelect(DA, w)
     输入:AWID训练集DA,窗口大小w
     输出:采样后训练集DB
     (1) 初始化 正常样本计数器c=0
     (2) for t=1 to |DA| do:
     (3) If Tt = normal then:
     (4)  c = c+1
     (5)  if cw then:
     (6)   将当前样本放入DB
     (7)  end if
     (8) end if
     (9) if Tt ≠ normal then:
     (10)  c=0
     (11)  将当前样本放入DB
     (12) end if
     (13) end for
     (14) return DB
    下载: 导出CSV

    表  3  窗口阈值大小与采样数据分布表

    样本标签数量窗口阈值为5窗口阈值为2
    正常标签样本数量368038201007
    攻击标签样本数量162385162385
    下载: 导出CSV

    表  4  窗口大小为5时的RNN分类预测实验结果报告

    类别精确率(%)召回率(%)F度量(%)样本数
    正常流量95.9399.1197.49530785
    洪泛攻击流量74.1661.4767.228097
    伪装攻击流量22.634.347.2820079
    注入攻击流量99.8099.9999.9016682
    下载: 导出CSV

    表  5  窗口大小为2时的RNN分类预测实验结果报告

    类别精确率(%)召回率(%)F度量(%)样本数
    正常流量96.0498.2797.14530785
    洪泛攻击流量69.3166.2667.758097
    伪装攻击流量15.956.409.1420079
    注入攻击流量99.6399.9999.8116682
    下载: 导出CSV

    表  6  网络单元结构优化效果对比

    网络单元结构隐藏层数隐藏层节点学习率迭代轮数时间(s)准确率(%)
    RNN1200.001429649.8195.01
    GRU1200.001286681.0595.19
    LSTM1200.001277663.5095.19
    LSTM2200.001141526.6595.21
    LSTM3200.001145545.4795.14
    LSTM2100.001186454.6195.06
    LSTM2300.001175988.1795.00
    LSTM2100.01064165.5895.22
    LSTM2100.02086205.8395.27
    LSTM2100.00553129.6195.07
    下载: 导出CSV

    表  7  分类模型实验对比效果

    算法名称准确率(%)时间(s)
    KNN95.87528.84
    SVM94.926757.97
    NB92.494.41
    RFC93.277.93
    DT93.196.43
    AdaBoost87.4366.97
    GB95.1453.13
    RNN-LSTM98.671717.00
    RNN-LSTM(复用优化)98.679.13
    下载: 导出CSV

    表  8  与其他研究工作比较

    文献算法准确率(%)花费时间(s)发表时间(年)
    文献[2]J4896.26568.922016
    文献[5]Voting96.323902016
    文献[6]SAE+PRelu98.67/2017
    文献[7]RNN81.29114442017
    本文RNN-LSTM98.679.132018
    下载: 导出CSV
  • CHEN Dong. A survey of IEEE 802.11 protocols: Comparison and prospective[C]. Proceedings of the 2017 5th International Conference on Mechatronics, Materials, Chemistry and Computer Engineering, Chongqing, China, 2017: 589–598.
    KOLIAS C, KAMBOURAKIS G, STAVROU A, et al. Intrusion detection in 802.11 networks: empirical evaluation of threats and a public dataset[J]. IEEE Communications Surveys & Tutorials, 2016, 18(1): 184–208. doi: 10.1109/COMST.2015.2402161
    KOLIAS C and KAMBOURAKIS G. Organizations requested the dataset[EB/OL]. http://icsdweb.aegean.gr/awid/download.html, 2018.
    白琮, 黄玲, 陈佳楠, 等. 面向大规模图像分类的深度卷积神经网络优化[J]. 软件学报, 2018, 29(4): 1029–1038. doi: 10.13328/j.cnki.jos.005404

    BAI Cong, HUANG Ling, CHEN Jianan, et al. Optimization of deep convolutional neural network for large scale image classification[J]. Journal of Software, 2018, 29(4): 1029–1038. doi: 10.13328/j.cnki.jos.005404
    ALOTAIBI B and ELLEITHY K. A majority voting technique for wireless intrusion detection systems[C]. Proceedings of 2016 IEEE Long Island Systems, Applications and Technology Conference, New York, USA, 2016: 1–6.
    THING V L L. IEEE 802.11 network anomaly detection and attack classification: a deep learning approach[C]. Proceedings of 2017 IEEE Wireless Communications and Networking Conference, San Francisco, USA, 2017: 1–6.
    YIN Chuanlong, ZHU Yuefei, FEI Jinlong, et al. A deep learning approach for intrusion detection using recurrent neural networks[J]. IEEE Access, 2017, 5: 21954–21961. doi: 10.1109/ACCESS.2017.2762418
    陈红松, 王钢, 宋建林. 基于云计算入侵检测数据集的内网用户异常行为分类算法研究[J]. 信息网络安全, 2018, 18(3): 1–7. doi: 10.3969/j.issn.1671-1122.2018.03.001

    CHEN Hongsong, WANG Gang, and SONG Jianlin. Research on anomaly behavior classification algorithm of internal network user based on cloud computing intrusion detection data set[J]. Netinfo Security, 2018, 18(3): 1–7. doi: 10.3969/j.issn.1671-1122.2018.03.001
    MARTENS J and SUTSKEVER I. Learning recurrent neural networks with hessian-free optimization[C]. Proceedings of the 20th International Conference on Machine Learning, Washington, USA, 2011: 1033–1040.
    ABADI M, BARHAM P, CHEN Zhifeng, et al. Tensorflow: a system for large-scale machine learning[C]. Proceedings of the 12th USENIX conference on Operating Systems Design and Implementation, Savannah, USA, 2016: 265–283.
    KIM J, KIM J, LE THI THU H, et al. Long short term memory recurrent neural network classifier for intrusion detection[C]. Proceedings of 2016 International Conference on Platform Technology and Service, Jeju, South Korea, 2016: 1–5.
    ZHOU Guobing, WU Jianxin, ZHANG Chenlin, et al. Minimal gated unit for recurrent neural networks[J]. International Journal of Automation and Computing, 2016, 13(3): 226–234. doi: 10.1007/s11633-016-1006-2
  • 加载中
图(5) / 表(8)
计量
  • 文章访问数:  2234
  • HTML全文浏览量:  1433
  • PDF下载量:  163
  • 被引次数: 0
出版历程
  • 收稿日期:  2018-07-10
  • 修回日期:  2019-01-07
  • 网络出版日期:  2019-01-18
  • 刊出日期:  2019-06-01

目录

    /

    返回文章
    返回