
Intrusion Detection Method Based on Restricted Boltzmann Machine and 3WD
Abstract: With the increasing diversification and sophistication of cyberattack techniques, traditional cybersecurity defense systems, such as perimeter protection technologies exemplified by firewalls and statistical learning methods based on misuse detection, are facing significant challenges. These systems have exhibited notable limitations in addressing emerging cybersecurity threats, as their protective efficacy and response capabilities fall short of meeting current cybersecurity requirements. This paper proposes an intrusion detection method based on restricted Boltzmann machines (RBM) and three-way decisions (3WD). Specifically, RBM is utilized for feature extraction from the dataset, while three-way decision theory is introduced during the classification decision phase to optimize the decision-making mechanism. This approach addresses the inherent "either-or" limitation of traditional binary classification by incorporating a boundary domain. By retaining the original positive (1) and negative (0) domain divisions and establishing appropriate threshold intervals, samples within the decision ambiguity zone are assigned to the boundary domain. This not only enhances the handling of uncertain samples but also reduces decision risks and improves the fault tolerance and practicality of the classification system. Experimental evaluations conducted on the widely used NSL-KDD benchmark dataset demonstrate that the proposed method achieves an accuracy of 96.1%, surpassing the highest accuracy among comparative methods by 2.5%, specifically outperforming a spatiotemporal feature-based hierarchical intrusion detection system.
Author: HONG Liang (洪亮) (College of Computer, Jiangsu University of Science and Technology, Zhenjiang 212100)
Source: Computer & Digital Engineering (《计算机与数字工程》), 2025, No. 6, pp. 1686-1691, 1739 (7 pages in total)
Keywords: intrusion detection; Boltzmann machines; three-way decision; feature extraction; network security