摘要
针对传统异常检测方法在处理多元和高维数据时检测性能较差的问题,提出一种融合弹性网和深度去噪自编码器的网络异常检测方法。构建一种基于弹性网的深度去噪自编码器,利用部分正常数据对网络进行训练获得重构误差阈值,以自编码器和重构误差值检测异常行为。采用NSL-KDD数据集的实验结果表明,与AE、K-NN和SVM方法相比,该方法在保证较好的分类准确率和检测率的同时,召回率和F1值明显提高,误报率明显降低,对不同攻击类数据被分类为异常的准确率也优于其它方法。
Aiming at the problem that the abnormality detection performance is poor in the case of processing the multivariate and high-dimensional data in the traditional anomaly detection,a network anomaly detection method combining elastic network and deep denoising autoencoder was proposed.A deep denoising autoencoder based on elastic net was established,the network was trained using some normal data to obtain the reconstruction error threshold,and the abnormal behavior was detected using the autoencoder and the reconstructed error value.Experimental results using the NSL-KDD data set indicate that compared with AE,K-NN and SVM methods,the proposed method achieves better classification accuracy and detection rate,the Recall and F1-score are improved,and the false positive rate are reduced.In addition,the accuracy of classifying different attack data into abnormal data is also superior to other methods.
作者
谭敏生
吕勋
丁琳
李行健
TAN Min-sheng;LYU Xun;DING Lin;LI Xing-jian(Computer School,University of South China,Hengyang 421001,China)
出处
《计算机工程与设计》
北大核心
2020年第6期1516-1521,共6页
Computer Engineering and Design
基金
国家自然科学基金项目(61403183)
湖南省自然科学基金项目(2017JJ4048)
湖南省教育厅科学研究重点基金项目(18A230)
湖南省财政厅科学研究基金项目(20183350502)。
关键词
深度自编码器
弹性网
异常检测
重构误差
独热编码
deep autoencoder
elastic net
anomaly detection
reconstruction error
onehot encode
