Telecommunications Science


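Drift Detection in Network Intrusion Detection Systems

Qian Yaguan, Guan Xiaohui

  1. Zhejiang University of Science and Technology; Zhejiang University of Water Resources and Electric Power
  • Publication date: 2015-03-15 Release date: 2015-05-22
  • Funding:
    National Natural Science Foundation of China (No.61379118), Open Topic Fund of the Zhejiang Province Network Media Cloud Processing and Analysis Engineering Technology Center (No.2012E10023-14), 2014 Professional Development Fund for Domestic Visiting Scholars at Universities (No.FX2014092)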

Adversarial Drift Detection in Intrusion Detection System

Qian Yaguan and Guan Xiaohui   

  1. Zhejiang University of Science and Technology; Zhejiang University of Water Resources and Electric Power
  • Online: 2015-03-15 Published: 2015-05-22
  • Supported by:
    The National Natural Science Foundation of China (No.61379118), The Zhejiang Province Network Media Cloud Processing and Analysis of Engineering Technology Center Open Topic (No.2012E10023-14), 2014 Annual Professional Development Program of Domestic Universities Visiting Scholar (No.FX2014092)

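Abstract: Most current machine-learning-based intrusion detection systems rest on the assumption that intrusion data always remain statistically stationary, so they cannot cope with the drop in detection rate that results when attackers deliberately change the characteristics of the data or when new attack types appear. To address this problem, namely attack drift, a detection method based on weighted Rényi distance is proposed. Experiments on the KDD Cup99 dataset show that the Rényi distance can effectively enhance detection; once drift has been detected, retraining the model significantly improves the recognition rate for attacks.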

Abstract: Recent intrusion detection systems based on machine learning generally assume that intrusion traffic is statistically stationary. However, this assumption does not always hold when adversaries arbitrarily alter the distribution of traffic data or develop new attack techniques, which may reduce the detection rate. To overcome this adversarial drift, a novel drift detection approach based on weighted Rényi distance is proposed. The experiment on KDD Cup99 shows that the weighted Rényi distance is able to perfectly detect the adversarial drift, and that retraining the model improves the intrusion detection rate.


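Cite this article as: Qian Yaguan, Guan Xiaohui. Drift detection in network intrusion detection systems. Telecommunications Science, 2015058
Qian Y G, Guan X H. Adversarial drift detection in intrusion detection system. Telecommunications Science, 2015058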
