Journal of Information Security Research ›› 2022, Vol. 8 ›› Issue (12): 1163-.
Huang Yucong (黄屿璁)¹, Zhang Chao (张潮)², Lü Xin (吕鑫)¹,³, Zeng Tao (曾涛)¹, Wang Xinyuan (王鑫元)¹, Ding Chenlong (丁辰龙)¹
Online: 2022-12-03
Published: 2022-12-01
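Corresponding author: Huang Yucong (黄屿璁), huangyc89757@163.com
About the authors:
Huang Yucong (黄屿璁): PhD candidate. Main research interests: intrusion detection and network security. huangyc89757@163.com
Zhang Chao (张潮): PhD, senior engineer. Main research interests: water resources informatization and network security. zhangchao@mwr.gov.cn
Lü Xin (吕鑫): PhD, associate professor. Main research interests: network and information security, big data analysis, and privacy protection. lvxin@hhu.edu.cn
Zeng Tao (曾涛): PhD candidate. Main research interests: deep learning and intrusion detection. tzeng.nj@hhu.edu.cn
Wang Xinyuan (王鑫元): PhD candidate. Main research interests: intrusion detection and privacy protection. wxyhhu@hhu.edu.cn
Ding Chenlong (丁辰龙): PhD candidate. Main research interest: network security. policeasy@hhu.edu.cn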
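Abstract: The rapid development of the Internet has brought great convenience to users, but it has also led to many security incidents. As network attacks such as zero-day vulnerabilities and encrypted attacks increase, the network security situation is becoming ever more severe. Intrusion detection is an important means of detecting network attacks. In recent years, with the continued development of deep learning, intrusion detection systems based on deep learning have become a research hotspot in the field of network security. Drawing on a broad survey of the literature, this paper introduces recent work that applies deep learning to network intrusion detection. First, it briefly summarizes the current network security situation and traditional intrusion detection techniques. Then, it introduces several deep learning models commonly used in network intrusion detection systems. Next, it summarizes the data preprocessing techniques, datasets, and evaluation metrics commonly used in deep learning. It then describes, from a practical perspective, the concrete applications of deep learning models in network intrusion detection systems. Finally, it discusses the problems currently facing this research and proposes directions for future development.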
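Huang Yucong, Zhang Chao, Lü Xin, Zeng Tao, Wang Xinyuan, Ding Chenlong. A survey of network intrusion detection based on deep learning[J]. Journal of Information Security Research, 2022, 8(12): 1163-.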