摘要
基于深度学习的入侵检测系统能够进行流量特征分析来监测网络异常,并采取相应措施应对攻击。现有的相关攻击方案,依赖模型训练时对训练数据集的修改,可操作性较低。生成式对抗网络能够生成特定攻击样本,在应对其检测时,误导检测将其划定为正常网络行为的数据。通过构造一个能够将生成流量非攻击特征和攻击流量攻击特征结合的转换器,确保攻击样本具备攻击能力,攻击与非攻击特征的划分使用随机森林的特征选择作为依据。该方法能够绕开深度信念网络入侵检测系统的检测,形成有效的攻击。
The intrusion detection system based on deep learning can conduct traffic feature analysis to monitor network anomalies and take corresponding measures to deal with attacks.Existing correlation attack schemes,which rely on the modification of the training dataset during model training,are less operable.Generative adversarial networks can generate specific samples of attack that classify misleading detection as data of normal network behavior.By constructing a converter that can combine generated traffic non-attack features and attack traffic attack features,the attack sample has attack ability,and the division of attack and non-attack features uses random forest feature selection as the basis.The proposed method can bypass the detection of a deep belief network intrusion detection system and form effective attacks.
作者
杨杰
赵俊杰
张国兴
Yang Jie;Zhao Junjie;Zhang Guoxing(South-Central Minzu University,Wuhan 430074,China)
出处
《科学技术创新》
2022年第19期80-83,共4页
Scientific and Technological Innovation
关键词
入侵检测系统
深度信念网络
GAN
随机森林算法
特征分类
Intrusion detection system
Deep belief network
GAN
Random forest algorithm
Feature classification
