Research on the Method of Network Attack Detection Based on Convolution Neural Network

doi:10.3969/j.issn.1671-1122.2017.11.005

Abstract

Abstract:

The existing network attack detection methods including static and dynamic types, and there are some shortcomings, such as too dependent on the rules, much false positives. In view of the traditional network attack detection, this paper introduces the convolution neural network technology into the field of network attack detection. In this paper, the basic principle of convolution neural network is explained in the related content of convolution neural network. In the subsequent chapters, this paper creatively maps the extracted log features to a set of gray scale images for anomaly detection, and creatively maps the network attack characteristics into a sheet of gray scale. This paper reads the application log in the large data platform every 10 minutes by Kafka, generates the latest signature library and maps it to the gray scale according to the corresponding characteristics of the local server, and can reduce the noise data by convolution operation. The original signal features are enhanced so that the features can better describe the details of the data and improve the ability to classify.

Key words: network security, network attack detection, convolution neural network

CLC Number:

TP309.1

Yuming XIA, Shaoyong HU, Shaomin ZHU, Lili LIU. Research on the Method of Network Attack Detection Based on Convolution Neural Network[J]. Netinfo Security, 2017, 17(11): 32-36.

Figures/Tables 8

References 22

[1]	王加元. 多模式网络攻击检测模型的研究[D]. 成都:电子科技大学,2015.
[2]	王志刚. DDoS网络攻击的检测方法研究[D]. 南昌:南昌航空大学,2015.
[3]	杨晓峰,孙明明,胡雪蕾,等. 基于改进隐马尔可夫模型的网络攻击检测方法[J]. 通信学报,2010,31(3):95-101.
[4]	蒋华. 服务器集群网络攻击中非确定攻击检测技术研究[J]. 科技通报,2015,31(6):82-84.
[5]	李巧玲,关晴骁,赵险峰. 基于卷积神经网络的图像生成方式分类方法[J]. 网络与信息安全学报,2016,2(9):40-48.
[6]	史国振,张萌,付鹏,等. IDS设备检测工具的设计与实现[J]. 信息网络安全,2016(5):23-29.
[7]	GIRI E P, FANANY M I, ARYMURTHY A M, et al.Ischemic Stroke Identification Based on EEG and EOG Using ID Convolutional Neural Network and Batch Normalization[C]//IEEE. 2016 International Conference on Advanced Computer Science and Information Systems, October 15-16, 2016, Malang, Indonesia. New Jersey: IEEE, 2017: 1-13.
[8]	吴晓平,周舟,李洪成. Spark框架下基于无指导学习环境的网络流量异常检测研究与实现[J]. 信息网络安全,2016(6):1-7.
[9]	焦李成. 神经网络系统理论[M]. 西安:西安电子科技大学出版社,1990.
[10]	虞和济,陈长征. 基于神经网络的智能诊断[J]. 振动工程学报,2000,13(2):202-209.
[11]	卢广. 网络安全中入侵检测系统的设计与实现[D]. 大庆:大庆石油学院,2003.
[12]	牛鹏飞,张健,常青,等. 基于Xen的异常行为在线检测平台研究与设计[J]. 信息网络安全,2016(9):139-144.
[13]	覃爱明,胡昌振,谭惠民. 网络攻击检测中的机器学习方法综述[J]. 安全与环境学报,2001,1(1):30-36.
[14]	林敏. 基于机器学习的网络攻击检测综述[J]. 数字技术与应用,2010(10):88-89.
[15]	许可. 卷积神经网络在图像识别上的应用的研究[D]. 杭州:浙江大学,2012.
[16]	李殿伟,何明亮,袁方. 基于角色行为模式挖掘的内部威胁检测研究[J]. 信息网络安全,2017(3):27-32.
[17]	RAGHAVENDRA R, VENKATESH S, RAJA K B, et al.Transferable Deep Convolutional Neural Network Features for Fingervein Presentation Attack Detection[C]//IEEE. 5th International Workshop on Biometrics and Forensics, April 4-5, 2017, Coventry, UK. New Jersey: IEEE, 2017: 1-5.
[18]	杨昆朋. 基于深度学习的入侵检测[D]. 北京:北京交通大学,2015.
[19]	邓俊锋,张晓龙. 基于自动编码器组合的深度学习优化方法[J]. 计算机应用,2016,36(3):697-702.
[20]	何明亮,陈泽茂,左进. 基于多窗口机制的聚类异常检测算法[J]. 信息网络安全,2016(11):33-39.
[21]	张恒亨. 基于传统方法和深度学习的图像精细分类研究[D]. 合肥:合肥工业大学,2014.
[22]	杨昆朋. 基于深度学习的入侵检测[D]. 北京:北京交通大学,2015.