云环境中改进FCM和规则参数优化的网络入侵检测方法

doi:10.11959/j.issn.1000-0801.2018005

Abstract

Abstract:

Aiming at the network intrusion detection problem in cloud environment,a method of network intrusion detection based on fuzzy inference was proposed.Firstly,it used the mutual information feature selection to reduce the feature of the sample.Then,the improved fuzzy C-means clustering method was used to cluster the training sample set,and the initial fuzzy rule base was got by the correspondence between each sample feature and cluster.After that,the refine parameter and consequent parameters of each rule were tuned to obtain an exact rule base.Finally,fuzzy inference was carried out on the input connection data based on the rule base,and it was classified to realize intrusion detection.Experimental results on the cloud intrusion detection dataset show that this method can detect the network intrusion accurately,and it is feasible and effective.

Key words: cloud environment, network intrusion detection, mutual information feature selection, improved fuzzy C-means clustering, fuzzy rule base optimization

CLC Number:

TP393

Chunqin ZANG,Lichun XIE. Network intrusion detection method based on improved FCM and rule parameter optimization in cloud environment[J]. Telecommunications Science, 2018, 34(1): 72-79.

Figures/Tables 7

References 15

[1]	罗亮, 吴文峻, 张飞 . 面向云计算数据中心的能耗建模方法[J]. 软件学报, 2014,25(7): 1371-1387.
	LUO L , WU W J , ZHANG F . Energy modeling based on cloud data center[J]. Journal of Software, 2014,25(7): 1371-1387.
[2]	FOSSACECA J M , MAZZUCHI T A , SARKANI S . MARK-ELM:application of a novel multiple kernel learning framework for improving the robustness of network intrusion detection[J]. Expert Systems with Applications, 2015,42(8): 4062-4080.
[3]	石云, 陈钟, 孙兵 . 基于均值聚类分析和多层核心集凝聚算法相融合的网络入侵检测[J]. 计算机应用研究, 2016,32(2): 518-520.
	SHI Y , CHEN Z , SUN B . Networks intrusion detection based on integrating k-mean clustering analysis and multilayer core-set agglomerative algorithm[J]. Computer Applications and Software, 2016,32(2): 518-520.
[4]	陆婷婷, 韩旭 . 面向 MANET 报文丢弃攻击的模糊入侵检测系统[J]. 电信科学, 2016,32(10): 124-129.
	LU T T , HAN X . Fuzzy intrusion detection system for MANET packet dropping attack[J]. Telecommunications Science, 2016,32(10): 124-129.
[5]	SHAMSHIRBAND S , AMINI A , ANUAR N B ,et al. D-FICCA:a density-based fuzzy imperialist competitive clustering algorithm for intrusion detection in wireless sensor networks[J]. Measurement, 2014,55(9): 212-226.
[6]	李洪成, 吴晓平, 陈燕 . MapReduce 框架下支持差分隐私保护的K-means聚类方法[J]. 通信学报, 2016,37(2): 124-130.
	LI H C , WU X P , CHEN Y . K-means clustering method preserving differential privacy in MapReduce framework[J]. Journal on Communications, 2016,37(2): 124-130.
[7]	TIAN L , JIANWEN W . Research on network intrusion detection system based on improved K-means clustering algorithm[C]// International Forum on Computer Science-Technology and Applications,Dec 25-27,2009,Chongqing,China. Piscataway:IEEE Press, 2009: 76-79.
[8]	XIE L , WANG Y , CHEN L ,et al. An anomaly detection method based on fuzzy C-means clustering algorithm[J]. Proceedings of the International Symposium on Networking ＆ Netwo, 2014,24(5): 56-63.
[9]	魏莎莎, 陆慧娟, 金伟 ,等. 基于云平台的互信息最大化特征提取方法研究[J]. 电信科学, 2013,29(10): 38-42.
	WEI S S , LU H J , JIN W ,et al. Maximum mutual information feature extraction method based on the cloud platform[J]. Telecommunications Science, 2013,29(10): 38-42.
[10]	徐峻岭, 周毓明, 陈林 ,等. 基于互信息的无监督特征选择[J]. 计算机研究与发展, 2012,49(2): 372-382.
	XU J L , ZHOU Y M , CHEN L ,et al. An unsupervised feature selection approach based on mutual information[J]. Journal of Computer Research and Development, 2012,49(2): 372-382.
[11]	AMIRI F , REZAEI YOUSEFI M , LUCAS C ,et al. Mutual information-based feature selection for intrusion detection systems[J]. Journal of Network ＆ Computer Applications, 2011,34(4): 1184-1199.
[12]	SONG J , ZHU Z , SCULLY P ,et al. Selecting features for anomaly intrusion detection:a novel method using fuzzy C means and decision tree classification[J]. Cyberspace Safety and Security, 2013,8(3): 299-307.
[13]	琚春华, 鲍福光, 戴俊彦 . 一种融入公众情感投入分析的微博话题发现与细分方法[J]. 电信科学, 2016,32(7): 97-105.
	JU C H , BAO F G , DAI J Y . Discovery and segmentation method in micro-blog topics based on public emotional engagement analysis[J]. Telecommunications Science, 2016,32(7): 97-105.
[14]	LIU X , QIN Y , WU L . Fast and direct Karnik-Mendel algorithm computation for the centroid of an interval type-2 fuzzy set[C]// IEEE International Conference on Fuzzy Systems,June 10-15,2012,Brisbane,QLD,Australia. Piscataway:IEEE Press, 2012: 1-8.
[15]	KHOLIDY H A , BAIARDI F . CIDD:a cloud intrusion detection dataset for cloud computing and masquerade attacks[C]// Ninth International Conference on Information Technology-New Generations,April l16-18,2012,Las Vegas,NV,USA. Piscataway:IEEE Press, 2012: 397-402.

Metrics

Recommended 0

No Suggested Reading articles found!

特征名	描述
service	在目标主机的网络服务
dst_bytes	从目标主机到源主机的数据流量
count	2 s内与当前连接具有相同目标主机的连接数
serror_rate	2 s内，在与当前连接具有相同目标主机的连接中，出现“SYN” 错误的连接的百分比
srv_diff_host_rate	2 s内，在与当前连接具有相同服务的连接中，与当前连接具有不同目标主机的连接的百分比
dst_host_srv_count	前100个连接中，与当前连接具有相同目标主机相同服务的连接数
src_bytes	源主机到目标主机的数据流量
logged_in	登录成功
srv_count	2 s内与当前连接具有相同服务的连接数
srv_rerrAor_rate	2 s内，在与当前连接具有相同服务的连接中，出现“REJ”错误的连接的百分比
dst_host_count	前100个连接中，与当前连接具有相同目标主机的连接数
dst_host_diff_ srv_ rate	前100个连接中，与当前连接具有相同目标主机不同服务的连接所占的百分比

类别	分类率
类别	normal	probe	DoS	U2R	R2L
normal	98.31%	0.19%	0.76%	0.25%	0.49%
probe	0.13%	99.47%	0.05%	0.28%	0.07%
DoS	0.87%	0.03%	98.94%	0.1%	0.06%
U2R	0	0.25%	0.41%	98.92%	0.42%
R2L	0	0.4%	0.13%	0.46%	99.01%

类别	分类率
类别	normal	probe	DoS	U2R	R2L
normal	98.33%	0.12%	0.52%	0.32%	0.71%
probe	0.18%	98.52%	0.25%	0.68%	0.37%
DoS	1.17%	0.33%	97.82%	0.52%	0.16%
U2R	0.03%	0.24%	0.61%	98.73%	0.39%
R2L	0.07%	0.31%	0.16%	0.45%	99.01%

样本数量/个	检测率
样本数量/个	训练集	测试集
5 000	95.69%	94.64%
8 000	97.10%	96.87%
11 000	97.70%	97.26%
14 000	98.67%	98.35%
17 000	98.94%	98.43%
20 000	98.93%	98.48%

Network intrusion detection method based on improved FCM and rule parameter optimization in cloud environment

RichHTML

PDF下载

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 7

References 15

Related Articles 15

Metrics

Recommended 0

[1]	Kaihui GAO, Dan LI. Data center networks with performance guarantee: a survey [J]. Telecommunications Science, 2023, 39(6): 1-21.
[2]	Yu LI, Zhaozhao LI, Ping LYU, Qinrang LIU. Design on the full-dimensional reconfiguration polymorphic network switching chip architecture [J]. Telecommunications Science, 2023, 39(6): 22-32.
[3]	Jiong LI, Yuxiang HU, Pengshuai CUI, Le TIAN, Yongji DONG. Research on incremental deployment mechanism of network modality for polymorphic network environment [J]. Telecommunications Science, 2023, 39(6): 33-43.
[4]	Zehua GUO, Haowen ZHU, Tongwen XU. Network modal innovation for distributed machine learning [J]. Telecommunications Science, 2023, 39(6): 44-51.
[5]	Aihua LIU, Hanguang LUO, Jianzhong WEN, Zhiguo ZHAN. Research on isolated-forwarding technology oriented polymorphic network [J]. Telecommunications Science, 2023, 39(6): 52-60.
[6]	Tao ZOU, Huifeng ZHANG, Wanxin GAO, Qi XU, Congqi SHEN, Jun ZHU, Zhongxia PAN, Xingchang GUO. Research on polymorphic network application technology oriented intelligent manufacturing [J]. Telecommunications Science, 2023, 39(6): 61-72.
[7]	Yaoyu HE, Chao ZHANG. Airworthiness analysis of low earth orbit satellite communication technology for UAV application [J]. Telecommunications Science, 2023, 39(6): 96-104.
[8]	Fubin WANG, Shiyuan SUN, Menghui WANG, Fang YANG, Xiaofei WANG, Jian SONG. Key technologies of visible light communications with multiple LEDs [J]. Telecommunications Science, 2023, 39(5): 3-10.
[9]	Tianyang MA, Xiongbin CHEN, Yiwu XU. Zero power light labeling based on visible light communication [J]. Telecommunications Science, 2023, 39(5): 20-27.
[10]	Sicong LIU, Danping SU, Tiankuo WEI, Xianyao WANG. Multi-node cooperation based robust visible light intelligent positioning [J]. Telecommunications Science, 2023, 39(5): 28-41.
[11]	Jiawei HU, Xiaoqian LIU, Xinke TANG, Yuhan DONG. Trajectory planning of UUV-assisted UWOC systems based on DQN [J]. Telecommunications Science, 2023, 39(5): 42-47.
[12]	Xiaoqian LIU, Xinke TANG, Yuhan DONG. Spatial channel modeling for MIMO underwater wireless optical links [J]. Telecommunications Science, 2023, 39(5): 48-56.
[13]	Sihong ZHANG, Jian ZHANG. Impact and countermeasures of generative AI represented by ChatGPT on the telecom industry [J]. Telecommunications Science, 2023, 39(5): 67-75.
[14]	Xiaoliang MA, Ying LIU, Dequan DU, Lingling AN. Key technologies and development trends of intelligent customer service for operators [J]. Telecommunications Science, 2023, 39(5): 76-89.
[15]	Xinxin TANG, Xuewen ZENG, Zhiyuan LING, Lei SONG. Overview of programmable data plane technology [J]. Telecommunications Science, 2023, 39(4): 1-16.