Chinese Journal of Network and Information Security ›› 2023, Vol. 9 ›› Issue (1): 130-139. doi: 10.11959/j.issn.2096-109x.2023005
ANTONG P, Wen CHEN, Lifa WU
Revised: 2022-11-12
Online: 2023-02-25
Published: 2023-02-01
ANTONG P, Wen CHEN, Lifa WU. IoT intrusion detection method for unbalanced samples[J]. Chinese Journal of Network and Information Security, 2023, 9(1): 130-139.
Type | Count | Percentage |
FileDownload | 18 | <0.01% |
PartOfAPortScan | 213 852 924 | 65.74% |
C&C | 21 995 | <0.01% |
C&C-FileDownload | 53 | <0.01% |
Attack | 9 398 | <0.01% |
DDoS | 19 538 713 | 6.00% |
C&C-HeartBeat | 33 673 | 0.01% |
Okiru | 60 990 708 | 18.75% |
C&C-Torii | 30 | <0.01% |
Okiru-Attack | 3 | <0.01% |
C&C-Mirai | 2 | <0.01% |
C&C-HeartBeat-FileDownload | 11 | <0.01% |
C&C-HeartBeat-Attack | 834 | <0.01% |
C&C-PortScan | 888 | <0.01% |
PortScan-Attack | 5 | <0.01% |