当前位置:
X-MOL 学术
›
Secur. Commun. Netw.
›
论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
A Mean Convolutional Layer for Intrusion Detection System
Security and Communication Networks ( IF 1.968 ) Pub Date : 2020-10-24 , DOI: 10.1155/2020/8891185 Leila Mohammadpour 1 , T.C. Ling 1 , C.S. Liew 1 , Alihossein Aryanfar 1
Security and Communication Networks ( IF 1.968 ) Pub Date : 2020-10-24 , DOI: 10.1155/2020/8891185 Leila Mohammadpour 1 , T.C. Ling 1 , C.S. Liew 1 , Alihossein Aryanfar 1
Affiliation
The significant development of Internet applications over the past 10 years has resulted in the rising necessity for the information network to be secured. An intrusion detection system is a fundamental network infrastructure defense that must be able to adapt to the ever-evolving threat landscape and identify new attacks that have low false alarm. Researchers have developed several supervised as well as unsupervised methods from the data mining and machine learning disciplines so that anomalies can be detected reliably. As an aspect of machine learning, deep learning uses a neuron-like structure to learn tasks. A successful deep learning technique method is convolution neural network (CNN); however, it is presently not suitable to detect anomalies. It is easier to identify expected contents within the input flow in CNNs, whereas there are minor differences in the abnormalities compared to the normal content. This suggests that a particular method is required for identifying such minor changes. It is expected that CNNs would learn the features that form the characteristic of the content of an image (flow) rather than variations that are unrelated to the content. Hence, this study recommends a new CNN architecture type known as mean convolution layer (CNN-MCL) that was developed for learning the anomalies’ content features and then identifying the particular abnormality. The recommended CNN-MCL helps in designing a strong network intrusion detection system that includes an innovative form of convolutional layer that can teach low-level abnormal characteristics. It was observed that assessing the proposed model on the CICIDS2017 dataset led to favorable results in terms of real-world application regarding detecting anomalies that are highly accurate and have low false-alarm rate as opposed to other best models.
中文翻译:
入侵检测系统的平均卷积层
在过去的10年中,Internet应用程序的飞速发展导致对信息网络进行保护的必要性不断提高。入侵检测系统是一种基本的网络基础结构防御,必须能够适应不断发展的威胁形势并识别出虚假警报率低的新攻击。研究人员已经从数据挖掘和机器学习学科中开发了几种有监督的方法和无监督的方法,以便可以可靠地检测异常。作为机器学习的一个方面,深度学习使用类似于神经元的结构来学习任务。成功的深度学习技术方法是卷积神经网络(CNN);但是,目前不适合检测异常。在CNN的输入流中更容易识别期望的内容,与正常含量相比,异常情况存在细微差异。这表明需要一种特定的方法来识别这种微小的变化。期望CNN将学习形成图像(流)内容特征的特征,而不是与内容无关的变化。因此,这项研究推荐了一种新的CNN架构类型,即平均卷积层(CNN-MCL),其开发目的是学习异常的内容特征,然后识别特定的异常。推荐的CNN-MCL有助于设计强大的网络入侵检测系统,其中包括创新形式的卷积层,可以教授低级异常特征。
更新日期:2020-10-30
中文翻译:
入侵检测系统的平均卷积层
在过去的10年中,Internet应用程序的飞速发展导致对信息网络进行保护的必要性不断提高。入侵检测系统是一种基本的网络基础结构防御,必须能够适应不断发展的威胁形势并识别出虚假警报率低的新攻击。研究人员已经从数据挖掘和机器学习学科中开发了几种有监督的方法和无监督的方法,以便可以可靠地检测异常。作为机器学习的一个方面,深度学习使用类似于神经元的结构来学习任务。成功的深度学习技术方法是卷积神经网络(CNN);但是,目前不适合检测异常。在CNN的输入流中更容易识别期望的内容,与正常含量相比,异常情况存在细微差异。这表明需要一种特定的方法来识别这种微小的变化。期望CNN将学习形成图像(流)内容特征的特征,而不是与内容无关的变化。因此,这项研究推荐了一种新的CNN架构类型,即平均卷积层(CNN-MCL),其开发目的是学习异常的内容特征,然后识别特定的异常。推荐的CNN-MCL有助于设计强大的网络入侵检测系统,其中包括创新形式的卷积层,可以教授低级异常特征。
京公网安备 11010802027423号