期刊文献+

对抗学习辅助增强的增量式入侵检测系统

Adversarial learning-augmented incremental intrusion detection system
下载PDF
导出
摘要 为解决增量式入侵检测系统(intrusion detection system,IDS)在检测新类攻击过程中存在的新类过拟合、旧类泛化能力弱、灾难性遗忘问题,提出了对抗辅助增强的增量式IDS。在增量训练过程中,利用对抗样本的正则化能力约束检测模型在新类攻击上的过拟合,设计同时存储旧类攻击的原样本及对抗样本的双分布模拟缓存器以增强检测模型对旧类的泛化能力,引入加权交叉熵损失缓解灾难性遗忘问题。在CSE-CIC-IDS2018数据集和UNSW-NB15数据集上的实验结果表明:对抗样本直接参与训练会导致模型的识别性能恶化,而对抗样本以数据分布分离的形式参与训练则增强了模型的识别性能;对抗样本在缓存器中的存储有效抑制了模型对旧类泛化能力的丢失;加权交叉熵损失对学习权重的调整缓解了新类及缓存器内数据间的不平衡所导致的灾难性遗忘。所提方法为识别动态复杂网络环境中的真实攻击提供了可行方案,具有潜在的应用价值。 To address the issues of overfitting on new classes,limited generalization ability on old classes,and catastrophic forgetting of incremental learning-based incremental intrusion detection system(IDS)when dealing with attacks of new classes,an adversarial assistance-augmented incremental IDS is proposed.In the incremental training,the regularization of adversarial samples is leveraged to mitigate the overfitting on new classes.A dual distribution simulation buffer that stores both clean and adversarial samples of old classes is proposed to enhance the generalization ability to old classes.In addition,weighted cross-entropy loss is introduced into the training process to alleviate the catastrophic forgetting.Experimental results on the CSE-CIC-IDS2018 dataset and the UNSW-NB15 dataset show that direct participation of adversarial samples in training leads to deterioration of the recognition performance,while participation in the form of detached data distribution enhances the recognition performance of the model.The storage of adversarial samples in the buffer effectively suppresses the loss of the model s generalization ability for old classes,and the adjustment of learning weights by weighted cross-entropy loss alleviates the catastrophic forgetting caused by the imbalance between the new classes and the data in the buffer.The proposed method offers a viable strategy for detecting real attacks within dynamic and complex networks,presenting substantial practical applicability.
作者 武晓栋 金志刚 陈旭阳 刘凯 WU Xiaodong;JIN Zhigang;CHEN Xuyang;LIU Kai(School of Electrical and Information Engineering,Tianjin University,Tianjin 300072,China)
出处 《哈尔滨工业大学学报》 EI CAS CSCD 北大核心 2024年第9期31-37,84,共8页 Journal of Harbin Institute of Technology
基金 国家自然科学基金(52171337)。
关键词 入侵检测 深度学习 增量学习 对抗学习 灾难性遗忘 intrusion detection deep learning incremental learning adversarial learning catastrophic forgetting
  • 相关文献

参考文献2

二级参考文献10

共引文献30

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部