信息网络安全 ›› 2023, Vol. 23 ›› Issue (8): 76-85.doi: 10.3969/j.issn.1671-1122.2023.08.007

• 技术研究 • 上一篇    下一篇

联盟链下基于联邦学习聚合算法的入侵检测机制优化研究

彭翰中1,2, 张珠君1,2(), 闫理跃3, 胡成林3   

  1. 1.中国科学院信息工程研究所,北京 100085
    2.中国科学院大学网络空间安全学院,北京 100049
    3.中国电子技术标准化研究院,北京 100007
  • 收稿日期:2023-04-18 出版日期:2023-08-10 发布日期:2023-08-08
  • 通讯作者: 张珠君 E-mail:zhangzhujun@iie.ac.cn
  • 作者简介:彭翰中(2000—),男,湖南,硕士研究生,主要研究方向为物联网安全、区块链安全|张珠君(1987—),女,河北,工程师,博士,主要研究方向为物联网安全、区块链技术与应用|闫理跃(1986—),男,北京,工程师,博士,主要研究方向为供应链应用与安全|胡成林(1987—),男,北京,工程师,硕士,主要研究方向为供应链应用与安全
  • 基金资助:
    国家重点研发计划(2019YFB1005204)

Research on Intrusion Detection Mechanism Optimization Based on Federated Learning Aggregation Algorithm under Consortium Chain

PENG Hanzhong1,2, ZHANG Zhujun1,2(), YAN Liyue3, HU Chenglin3   

  1. 1. Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100085, China
    2. School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049, China
    3. Chinese Electronics Standardization Institute, Beijing 100007, China
  • Received:2023-04-18 Online:2023-08-10 Published:2023-08-08
  • Contact: ZHANG Zhujun E-mail:zhangzhujun@iie.ac.cn

摘要:

近年来,联邦学习备受关注,因为它能在保护用户隐私的前提下训练和聚合入侵检测模型。联盟链作为一种高效且可控的分布式账本技术,与联邦学习技术结合被应用于多节点入侵检测场景。然而,传统的联盟链下基于联邦学习聚合入侵检测模型的算法存在缺陷,无法根据网络环境动态调整聚合算法参数,导致通信成本过高。因此,文章根据联盟链网络环境设计自适应联邦学习聚合算法,动态调整入侵检测模型聚合间隔,以平衡模型准确度与通信成本。理论分析和实验结果表明,相较于传统联邦学习聚合算法,该入侵检测模型的聚合过程在保证了模型准确度的前提下降低了系统通信成本,提高了模型聚合效率,具有良好的应用前景。

关键词: 联盟链, 入侵检测系统, 联邦学习

Abstract:

In recent years, federated learning has received widespread attention because it can train and aggregate intrusion detection models while protecting user privacy. As an efficient and controllable distributed ledger technology, consortium blockchain is combined with federated learning technology and applied to multi-node intrusion detection scenarios. However, the algorithm for aggregating intrusion detection models based on federated learning under traditional consortium chains has defects, such as the inability to dynamically adjust aggregation algorithm parameters based on network environment, resulting in high communication costs. Therefore, this paper designed an adaptive federated learning aggregation algorithm based on the consortium chain network environment, dynamically adjusting the intrusion detection model aggregation interval, which balancing the model accuracy and communication cost. Theoretical analysis and experimental results show that, compared with traditional federated learning aggregation algorithms, the intrusion detection model aggregation process in this study reduces the system communication cost while ensuring model accuracy, improves model aggregation efficiency, and has good application prospects.

Key words: consortium blockchain, intrusion detection system, federated learning

中图分类号: