摘要
为了提升入侵检测的准确率,鉴于自编码器在学习特征方面的优势以及残差网络在构建深层模型方面的成熟应用,提出一种基于特征降维的改进残差网络入侵检测模型(improved residual network intrusion detection model based on feature dimensionality reduction,IRFD),进而缓解传统机器学习入侵检测模型的低准确率问题。IRFD采用堆叠降噪稀疏自编码器策略对数据进行降维,从而提取有效特征。利用卷积注意力机制对残差网络进行改进,构建能提取关键特征的分类网络,并利用两个典型的入侵检测数据集验证IRFD的检测性能。实验结果表明,IRFD在数据集UNSW-NB15和CICIDS 2017上的准确率均达到99%以上,且F1-score分别为99.5%和99.7%。与基线模型相比,提出的IRFD在准确率、精确率和F1-score性能上均有较大提升。
In order to improve the accuracy of intrusion detection,considering the advantages of autoencoders in learning features and the mature application of residual networks in constructing deep models,an improved residual network intrusion detection model based on feature dimensionality reduction(IRFD)was proposed.The goal of the proposed IRFD was to solve the issue of low detection accuracy of traditional machine learning based intrusion detection models.In IRFD,the stacking denoising sparse autoencoder was employed to reduce the dimensionality of features and extract effective features.The convolutional attention mechanism was used to improve the residual network and form a classification network that could extract key features.Two typical intrusion detection datasets were employed to verify the detection performance of the IRFD.Experimental results demonstrate that the detection accuracy of the proposed IRFD on the both UNSW-NB15 and CICIDS 2017 datasets are over 99%,with F1-score of 99.5%and 99.7%,respectively.Compared with the state-of-the-art models for the intrusion detection,the accuracy,precision,and F1-score performance of the IRFD were significantly improved.
作者
孙敬
丁嘉伟
冯光辉
SUN Jing;DING Jiawei;FENG Guanghui(School of Information Engineering,Zhengzhou University of Industrial Technology,Zhengzhou 451150,China;School of Computer Science and Cyber Engineering,Guangzhou University,Guangzhou 510006,China)
出处
《电信科学》
北大核心
2025年第2期129-138,共10页
Telecommunications Science
基金
教育部产学合作协同育人项目(No.220602236285739)
2024年度河南省高等教育教学改革研究与实践项目(本科教育类)(No.2024SJGLX0584)。
关键词
网络攻击
入侵检测模型
堆叠降噪稀疏自编码器
卷积注意力机制
残差网络
network attack
intrusion detection model
stacking denoising sparse autoencoder
convolutional attention mechanism
residual network
