基于深度学习的配电网无线通信入侵检测系统

在采用无线通信接入的配电网中,入侵检测系统（IDS）通过分析通信网中传输数据来判断入侵事件.为提高检测的准确性,本文将深度学习理论应用于IDS,提出了一种面向配电网无线通信网络新型入侵检测系统,由带有门控循环单元、多层感知器和Softmax的循环神经网络组成.攻击测试基准实验结果表明IDS防御的有效性,在KDD99测试数据集上,其误报率为0.06%,总检出率为96.43%;在NSL-KDD测试数据集上,其误报率低至0.86%,总检出率则为99.33%.     

遗传算法优化的混合神经网络入侵检测系统

针对入侵检测系统大都采用单一的检测模式,难以有效地处理漏报、误报和对未知攻击无法有效识别的问题,分析不同类型网络流量的特征,文中提出一种将BP网络、遗传算法和Snort相结合的混合式入侵检测系统,综合了异常检测和误用检测的优点,克服了单一检测模式的不足。实验结果表明,该方法能有效提高入侵检测系统的检测率和准确率。     

Optimized deep learning-based intrusion detection for wireless sensor networks

The technological innovations and wide use of Wireless Sensor Network (WSN) applications need to handle diverse data. These huge data possess network security issues as intrusions that cannot be neglected or ignored. An effective strategy to counteract security issues in WSN can be achieved through the Intrusion Detection System (IDS). IDS ensures network integrity, availability, and confidentiality by detecting different attacks. Regardless of efforts by various researchers, the domain is still open to obtain an IDS with improved detection accuracy with minimum false alarms to detect intrusions. Machine learning models are deployed as IDS, but their potential solutions need to be improved in terms of detection accuracy. The neural network performance depends on feature selection, and hence, it is essential to bring an efficient feature selection model for better performance. An optimized deep learning model has been presented to detect different types of attacks in WSN. Instead of the conventional parameter selection procedure for Convolutional Neural Network (CNN) architecture, a nature-inspired whale optimization algorithm is included to optimize the CNN parameters such as kernel size, feature map count, padding, and pooling type. These optimized features greatly improved the intrusion detection accuracy compared to Deep Neural network (DNN), Random Forest (RF), and Decision Tree (DT) models.     

Hybrid Fuzzy Adaptive Wiener Filtering with Optimization for Intrusion Detection

Intrusion detection plays a key role in detecting attacks over networks, and due to the increasing usage of Internet services, several security threats arise. Though an intrusion detection system (IDS) detects attacks efficiently, it also generates a large number of false alerts, which makes it difficult for a system administrator to identify attacks. This paper proposes automatic fuzzy rule generation combined with a Wiener filter to identify attacks. Further, to optimize the results, simplified swarm optimization is used. After training a large dataset, various fuzzy rules are generated automatically for testing, and a Wiener filter is used to filter out attacks that act as noisy data, which improves the accuracy of the detection. By combining automatic fuzzy rule generation with a Wiener filter, an IDS can handle intrusion detection more efficiently. Experimental results, which are based on collected live network data, are discussed and show that the proposed method provides a competitively high detection rate and a reduced false alarm rate in comparison with other existing machine learning techniques.     

新的入侵检测数据融合模型——IDSFP

以多传感器数据融合技术为基础,提出了新的入侵检测融合模型——IDSFP。其具有对多个IDS入侵检测系统的警报进行关联、聚合,产生对安全态势判断的度量,从而构成证据的特点。IDSFP应用D-S证据理论来形成对当前安全态势进行评估的信息,并动态地反馈、调整网络中各个IDS(intrusiondetectionsystem),加强对与攻击意图有关的数据的检测,进而提高IDS检测效率,降低系统的误报率和漏报率。     

车联网中基于神经网络的入侵检测方案

车联网的入侵检测（IDS）可用于确认交通事件通知中描述的事件的真实性。当前车联网IDS多采用基于冗余数据的一致性检测方案,为降低IDS对冗余数据的依赖性,提出了一个基于神经网络的入侵检测方案。该方案可描述大量交通事件类型,并综合使用了反向传播（BP）和支持向量机（SVM）2种学习算法。这2种算法分别适用于个人安全驾驶速度快与高效交通系统检测率高的应用。仿真实验和性能分析表明,本方案具有较快的入侵检测速度,且具有较高的检测率和较低的虚警率。     

Divided two-part adaptive intrusion detection system

The main objective of this paper is to design a more complete intrusion detection system solution. The paper presents an efficient approach for reducing the rate of alerts using divided two-part adaptive intrusion detection system (DTPAIDS). The proposed DTPAIDS has a high degree of autonomy in tracking suspicious activity and detecting positive intrusions. The proposed DTPAIDS is designed with the aim of reducing the rate of detected false positive intrusion through two achievements. The first achievement is done by implementing adaptive self-learning neural network in the proposed DTPAIDS to gives it the ability to be automatic adaptively system based on Radial Basis Functions (RBF) neural network. The second achievement is done through dividing the proposed intrusion detection system IDS into two parts. The first part is IDS₁, which is installed in the front of firewall and responsible for checking each entry user’s packet and deciding if the packet considered is an attack or not. The second is IDS₂, which is installed behind the firewall and responsible for detecting only the attacks which passed the firewall. This proposed approach for IDS exhibits a lower false alarm rate when detects novel attacks. The simulation tests are conducted using DARPA 1998 dataset. The experimental results show that the proposed DTPAIDS [1] reduce false positive rate, [2] detects intrusion occurrence sensitively and precisely, [3] accurately self–adapts diagnoser model, thus improving its detection accuracy.     

基于ARMA模型的CFAR网络入侵检测方法研究

提出了一种基于ARMA网络流量模型的CFAR入侵检测系统。采用ARMA模型对网络流量进行预测,并运用雷达信号处理中的恒误警CFAR技术,选取检测阀值以判定是否存在入侵信号。利用林肯实验室DARPA数据对系统进行试验,结果表明,此方法与AR预测模型相比,具有更高的检测率和更低的误警率。     

ART-2神经网络及其在入侵检测中的应用

在分别对ART-2神经网络和入侵检测原理进行介绍的基础上,指出用ART-2神经网络作为入侵检测系统检测算法的可行性.利用KDD CUP-99数据集对算法进行了Matlab仿真.实验表明,该入侵检测算法可实现较高的检测率和较低的误检率.     

基于深度信念网络资源需求预测的虚拟网络功能动态迁移算法

针对5G网络场景下缺乏对资源需求的有效预测而导致的虚拟网络功能(VNF)实时性迁移问题,该文提出一种基于深度信念网络资源需求预测的VNF动态迁移算法。该算法首先建立综合带宽开销和迁移代价的系统总开销模型,然后设计基于在线学习的深度信念网络预测算法预测未来时刻的资源需求情况,在此基础上采用自适应学习率并引入多任务学习模式优化预测模型,最后根据预测结果以及对网络拓扑和资源的感知,以尽可能地减少系统开销为目标,通过基于择优选择的贪婪算法将VNF迁移到满足资源阈值约束的底层节点上,并提出基于禁忌搜索的迁移机制进一步优化迁移策略。仿真表明,该预测模型能够获得很好的预测效果,自适应学习率加快了训练网络的收敛速度,与迁移算法结合在一起的方式有效地降低了迁移过程中的系统开销和服务级别协议(SLA)违例次数,提高了网络服务的性能。     

基于深度特征学习的网络流量异常检测方法

针对网络流量异常检测过程中提取的流量特征准确性低、鲁棒性差导致流量攻击检测率低、误报率高等问题,该文结合堆叠降噪自编码器(SDA)和softmax,提出一种基于深度特征学习的网络流量异常检测方法。首先基于粒子群优化算法设计SDA结构两阶段寻优算法:根据流量检测准确率依次对隐藏层层数及每层节点数进行寻优,确定搜索空间中的最优SDA结构,从而提高SDA提取特征的准确性。然后采用小批量梯度下降算法对优化的SDA进行训练,通过最小化含噪数据重构向量与原始输入向量间的差异,提取具有较强鲁棒性的流量特征。最后基于提取的流量特征对softmax进行训练构建异常检测分类器,从而实现对流量攻击的高性能检测。实验结果表明:该文所提方法可根据实验数据及其分类任务动态调整SDA结构,提取的流量特征具有更高的准确性和鲁棒性,流量攻击检测率高、误报率低。     

Diagnosis of breast cancer based on modern mammography using hybrid transfer learning

Breast cancer is a common cancer in women. Early detection of breast cancer in particular and cancer, in general, can considerably increase the survival rate of women, and it can be much more effective. This paper mainly focuses on the transfer learning process to detect breast cancer. Modified VGG (MVGG) is proposed and implemented on datasets of 2D and 3D images of mammograms. Experimental results showed that the proposed hybrid transfer learning model (a fusion of MVGG and ImageNet) provides an accuracy of 94.3%. On the other hand, only the proposed MVGG architecture provides an accuracy of 89.8%. So, it is precisely stated that the proposed hybrid pre-trained network outperforms other compared Convolutional Neural Networks. The proposed architecture can be considered as an effective tool for radiologists to decrease the false negative and false positive rates. Therefore, the efficiency of mammography analysis will be improved.

     

基于卷积神经网络的Android流量分类方法

深度学习就是机器学习研究的过程,主要通过模拟人脑分析学习的过程对数据进行分析。目前,深度学习技术已经在计算机视觉、语音识别、自然语言处理等领域获得了较大发展,并且随着该技术的不断发展,为网络流量分类和异常检测带来了新的发展方向。移动智能手机与大家的生活息息相关,但是其存在的安全问题也日益凸显。针对传统机器学习算法对于流量分类需要人工提取特征、计算量大的问题,提出了基于卷积神经网络模型的应用程序流量分类算法。首先,将网络流量数据集进行数据预处理,去除无关数据字段,并使数据满足卷积神经网络的输入特性。其次,设计了一种新的卷积神经网络模型,从网络结构、超参数空间以及参数优化方面入手,构造了最优分类模型。该模型通过卷积层自主学习数据特征,解决了传统基于机器学习的流量分类算法中的特征选择问题。最后,通过CICAndmal2017网络公开数据集进行模型测试,相比于传统的机器学习流量分类模型,设计的卷积神经网络模型的查准率和查全率分别提高了2.93%和11.87%,同时在类精度、召回率以及F1分数方面都有较好的提升。     

ID-based proxy re-signature without pairing

Several new attacks have been identified in CRNs such as primary user emulation, dynamic spectrum access (DSA), and jamming attacks. Such types of attacks can severely impact network performance, specially in terms of the over all achieved network throughput. In response to that, intrusion detection system (IDS) based on anomaly and signature detection is recognized as an effective candidate solution to handle and mitigate these types of attacks. In this paper, we present an intrusion detection system for CRNs (CR-IDS) using the anomaly-based detection (ABD) approach. The proposed ABD algorithm provides the ability to effectively detect the different types of CRNs security attacks. CR-IDS contains different cooperative components to accomplish its desired functionalities which are monitoring, feature generation and selection, rule generation, rule based system, detection module, action module, impact analysis and learning module. Our simulation results show that CR-IDS can detect DSA attacks with high detection rate and very low false negative and false positive probabilities.     

A Supervised Learning Based Decision Support System for Multi-Sensor Healthcare Data from Wireless Body Sensor Networks

Wireless body sensor network (WBSN) is also known as wearable sensors with transmission capabilities, computation, storage and sensing. In this paper, a supervised learning based decision support system for multi sensor (MS) healthcare data from wireless body sensor networks (WBSN) is proposed. Here, data fusion ensemble scheme is developed along with medical data which is obtained from body sensor networks. Ensemble classifier is taken the fusion data as an input for heart disease prediction. Feature selection is done by the squirrel search algorithm which is used to remove the irrelevant features. From the sensor activity data, we utilized the modified deep belief network (M-DBN) for the prediction of heart diseases. This work is implemented by Python platform and the performance is carried out of both proposed and existing methods. Our proposed M-DBN technique is compared with various existing techniques such as Deep Belief Network, Artificial Neural Network and Conventional Neural Network. The performance of accuracy, recall, precision, F1 score, false positive rate, false negative and true negative are taken for both proposed and existing methods. Our proposed performance values for accuracy (95%), precision (98%), and recall (90%), F1 score (93%), false positive (72%), false negative (98%) and true negative (98%).

     

基于图注意力网络的半监督SAR舰船目标检测

基于深度学习的合成孔径雷达(SAR)舰船目标检测近年得到了快速发展。然而,传统有监督学习需要大量的标记样本来训练网络。针对此问题,该文提出一种基于图注意力网络(GAT)的半监督SAR舰船目标检测方法。首先,设计了对称卷积神经网络用于海陆分割。随后,完成超像素分割并将超像素块建模为GAT的节点,利用感兴趣区域池化层提取节点的多尺度特征。GAT采用注意力机制自适应地汇聚邻接节点特征实现对无标记节点的分类。最后,将预测为舰船目标的超像素块定位到SAR图像中并获得精细检测结果。在实测高分辨SAR图像数据集上验证了所提方法。结果表明该方法可以在少量标记样本下,以低虚警率实现对舰船目标的可靠检测。     

一种针对基于SVM入侵检测系统的毒性攻击方法

在机器学习被广泛应用的背景下,本文提出一种针对基于SVM（Support Vector Machine）入侵检测系统的新颖攻击方法——毒性攻击.该方法通过篡改训练数据,进而误导SVM的机器学习过程,降低入侵检测系统的分类模型对攻击流量的识别率.本文把这种攻击建模为最优化问题,利用数值方法得到攻击样本.通过包含多种攻击类型的NSL-KDD数据集进行实验,从攻击流量的召回率和精度这两个指标对攻击效果进行评估,与已有方法相比,实验结果表明本文方法可更有效地降低入侵检测系统的识别率.本文希望通过该研究进一步认识针对机器学习的新颖攻击,为下一步研究对应的防御机制提供研究基础.     

基于相关向量机的网络入侵检测算法

针对支持向量机理论中存在的问题：训练样本数量多以及必须满足MerCer条件等,提出了一种基于相关向量机（RVM）的网络入侵检测方法。首先采用“删除特征”法对KDD99数据集中的41个特征进行评级,筛选出针对不同入侵类型的重要特征和非重要特征,然后只选择重要特征进行匹配。结果表明,这种方法与基于支持向量机（SVM）的入侵检测模型相比,具有更高的检测率和更低的误警率。     

一种优化的神经网络树异常入侵检测方法

本文提出了一种基于优化神经网络树(ONNT)的异常检测方法,在提高异常检测精确率的同时,增强异常检测模型学习结果的可理解性、可解释性。ONNT是一种具有二叉树结构的混合学习模型,二叉树的节点分裂遵循信息增益率准则;其中间节点嵌入了结构简单的感知器神经网络,能够根据当前节点上给定的子样本集和教师信号,选择较小的特征子集构建相对简单的局部决策曲面。本文提出的异常检测方法包括两个方面的性能优化:1）通过优化神经网络树(NNT)的中间节点,降低局部决策曲面的复杂度,从而使中间节点能在可接受的计算代价内表示成低复杂度的布尔函数或规则集,为实现学习结果的可解释性提供基础;2）通过优化学习模型的整体结构,降低所有中间节点的规则析取式的前件复杂度,从而提高学习结果的可理解性。实验的数值结果表明,与基于NNT的异常检测方法相比,本文提出的方法能够以简单的中间节点和相对精简的整体结构提高检测结果的可解释性和可理解性;与其他同类方法相比,基于ONNT的异常检测方法具有较高的检测精确率,且在一定程度上给出了对异常检测具有重大影响的一些特征信息。      

FD-DBN: Flow directed deep belief network for accurate anomaly detection in cloud computing

Security becomes the key concern in a cloud environment, as the servers are distributed throughout the globe and involve the circulation of highly sensitive data. Intrusions in the cloud are common because of the huge network traffic that paves the way for intruders to breach traditional security systems with sophisticated software. To avoid such problems, intrusion detection systems (IDSs) have been introduced by various researchers. Each IDS was developed to achieve a particular objective, that is, providing security by detecting intrusions. Most of the available IDS are inefficient and are unable to provide accurate classification. Also, some of them are computationally expensive to be implemented in practical scenarios. This article proposes a new and efficient IDS framework that can accurately classify the intrusion type through effective training to address the existing drawbacks. The proposed framework, named flow directed deep belief network (FD-DBN), involves three main phases: pre-processing, clustering, and classification. In pre-processing, certain data mining operations are carried out to clean the data. The clustering phase is carried out using the game-based k-means (GBKM) clustering algorithm. The clustered data is then provided as input to the FD-DBN classification framework, where the training process is carried out. The deep belief network (DBN) training is performed with dataset features, and the flow direction algorithm is adopted for tuning the weight parameters of DBN. Through tuning, the model yielded accurate classification outcomes. The simulations are done in Python 3.6, and the results proved that the proposed framework is much more effective than the existing IDS frameworks.