[1]李柄军,陈帅良,段晓英,等.基于改进的GAN与DL融合的入侵检测方法[J].计算机技术与发展,2025,(05):67-75.[doi:10.20165/j.cnki.ISSN1673-629X.2024.0409]
 LI Bing-jun,CHEN Shuai-liang,DUAN Xiao-ying,et al.Intrusion Detection Method Based on Improved GAN and DL Fusion[J].,2025,(05):67-75.[doi:10.20165/j.cnki.ISSN1673-629X.2024.0409]
点击复制

基于改进的GAN与DL融合的入侵检测方法()

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

卷:
期数:
2025年05期
页码:
67-75
栏目:
网络空间安全
出版日期:
2025-05-10

文章信息/Info

Title:
Intrusion Detection Method Based on Improved GAN and DL Fusion
文章编号:
1673-629X(2025)05-0067-09
作者:
李柄军陈帅良段晓英康凯*
宁夏师范大学 数学与计算机科学学院,宁夏 固原 756099
Author(s):
LI Bing-junCHEN Shuai-liangDUAN Xiao-yingKANG Kai*
School of Mathematics and Computer Science,Ningxia Normal University,Guyuan 756099,China
关键词:
深度学习入侵检测生成对抗网络卷积神经网络双向长短期记忆网络全连接网络
Keywords:
deep learningintrusion detectiongenerative adversarial networksconvolutional neural networkbidirectional long short - term memory networkfully connected network
分类号:
TP393
DOI:
10.20165/j.cnki.ISSN1673-629X.2024.0409
摘要:
在基于深度学习的入侵检测系统中,数据不平衡问题显著影响模型的准确性,导致其在识别少数类攻击样本时表现不佳。 为了解决这一问题,该文提出了一种改进的生成对抗网络(GAN)、卷积神经网络(CNN)和双向长短期记忆网络(Bi-LSTM)融合的 IGAN-CLSTM 方法。 具体而言,首先通过优化的 GAN 方法增强异常(攻击)样本的数量,从而平衡数据分布,提升模型的泛化能力;接着,结合 CNN 在空间特征提取和 Bi-LSTM 在序列数据处理方面的优势,进行复杂攻击模式的深度特征学习与时序建模,显著提高了模型的识别能力;最后,通过全连接网络(FCN)进行分类。 为验证该方法的有效性,在 UNSW-NB15 和 CSE-CIC-IDS2018 两个大规模数据集上进行了消融实验,结果表明,在保持相同深度学习模型参数和规模的前提下,该方法在准确率、精确度等多个评估指标上均优于其它模型,尤其在多分类任务中的少数类上有了显著提升,展示了其在实时入侵检测中的潜力和应用价值,也为未来网络安全领域的进一步探索提供了有力的支持和参考。
Abstract:
In deep learning-based intrusion detection systems,the issue of data imbalance significantly affects the accuracy of models, leading to poor performance in recognizing minority class attack samples. To address this issue,an improved method called IGAN - CLSTM, which integrates an optimized Generative Adversarial Network ( GAN ), Convolutional Neural Network ( CNN ), and Bidirectional Long Short-Term Memory Network (Bi-LSTM),is proposed. Specifically,an optimized GAN approach is first utilized to enhance the quantity of anomalous ( attack) samples,thereby balancing the data distribution and improving the model’s generalization ability. Subsequently,the advantages of CNN in spatial feature extraction and Bi-LSTM in sequential data processing are combined to fa-cilitate deep feature learning and temporal modeling of complex attack patterns, significantly enhancing the model ’ s recognition capability. Finally,classification is performed using a Fully Connected Network ( FCN). To validate the effectiveness of the proposed method,ablation experiments are conducted on two large-scale datasets,UNSW-NB15 and CSE-CIC-IDS2018. The results indicate that while maintaining the same parameters and scale of the deep learning model,the proposed method outperforms other models across multiple evaluation metrics, particularly demonstrating a significant improvement in precision for minority classes in multi - class classification tasks. This showcases its potential and practical value for real-time intrusion detection and provides strong support and reference for further exploration in the field of cybersecurity.

相似文献/References:

[1]李雷 丁亚丽 罗红旗.基于规则约束制导的入侵检测研究[J].计算机技术与发展,2010,(03):143.
 LI Lei,DING Ya-li,LUO Hong-qi.Intrusion Detection Technology Research Based on Homing - Constraint Rule[J].,2010,(05):143.
[2]马志远,曹宝香.改进的决策树算法在入侵检测中的应用[J].计算机技术与发展,2014,24(01):151.
 MA Zhi-yuan,CAO Bao-xiang.Application of Improved Decision Tree Algorithm in Intrusion Detection System[J].,2014,24(05):151.
[3]高峥 陈蜀宇 李国勇.混合入侵检测系统的研究[J].计算机技术与发展,2010,(06):148.
 GAO Zheng,CHEN Shu-yu,LI Guo-yong.Research of a Hybrid Intrusion Detection System[J].,2010,(05):148.
[4]林英 张雁 欧阳佳.日志检测技术在计算机取证中的应用[J].计算机技术与发展,2010,(06):254.
 LIN Ying,ZHANG Yan,OU Yang-jia.Application of Log Testing Technology in Computer Forensics[J].,2010,(05):254.
[5]李钦 余谅.基于免疫遗传算法的网格入侵检测模型[J].计算机技术与发展,2009,(05):162.
 LI Qin,YU Liang.Grid Intrusion Detection Model Based on Immune Genetic Algorithm[J].,2009,(05):162.
[6]黄世权.网络存储安全分析[J].计算机技术与发展,2009,(05):170.
 HUANG Shi-quan.Analysis of Network Storage's Safety[J].,2009,(05):170.
[7]李睿 肖维民.基于孤立点挖掘的异常检测研究[J].计算机技术与发展,2009,(06):168.
 LI Rui,XIAO Wei-min.Research on Anomaly Intrusion Detection Based on Outlier Mining[J].,2009,(05):168.
[8]胡琼凯 黄建华.基于协议分析和决策树的入侵检测研究[J].计算机技术与发展,2009,(06):179.
 HU Oiong-kai,HUANG Jian-hua.Intrusion Detection Based on Protocol Analysis and Decision Tree[J].,2009,(05):179.
[9]汪世义.基于优化支持向量机的网络入侵检测技术研究[J].计算机技术与发展,2009,(07):177.
 WANG Shi-yi.Network Intrusion Detection Based on Improved Support Vector Machine[J].,2009,(05):177.
[10]薛俊 陈行 陶军.一种基于神经网络的入侵检测技术[J].计算机技术与发展,2009,(08):148.
 XUE Jun,CHEN Hang,TAO Jun.Technology of Intrusion Detection Based on Neural Network[J].,2009,(05):148.
[11]杨 怡,张兴兰.面向入侵检测的频域对抗攻击[J].计算机技术与发展,2023,33(09):72.[doi:10. 3969 / j. issn. 1673-629X. 2023. 09. 011]
 YANG Yi,ZHANG Xing-lan.Frequency Domain Adversarial Attack for Intrusion Detection[J].,2023,33(05):72.[doi:10. 3969 / j. issn. 1673-629X. 2023. 09. 011]
[12]罗虹富,王恒*,马自强.基于CNN和BiLSTM的分层注意力网络入侵检测方法[J].计算机技术与发展,2024,34(11):95.[doi:10.20165/j.cnki.ISSN1673-629X.2024.0211]
 LUO Hong-fu,WANG Heng*,MA Zi-qiang.Hierarchical Attention Network Intrusion Detection Method Based on CNN and BiLSTM[J].,2024,34(05):95.[doi:10.20165/j.cnki.ISSN1673-629X.2024.0211]

更新日期/Last Update: 2025-05-10