Journal on Communications ›› 2024, Vol. 45 ›› Issue (1): 106-118. doi: 10.11959/j.issn.1000-436x.2024020
• Academic paper
Hao WU1,2, Jiajia HAO1,2, Yunlong LU1,2
Revised: 2023-12-13
Online: 2024-01-01
Published: 2024-01-01
About the author: Hao WU (1973- ), female, born in Changshu, Jiangsu, Ph.D., professor and doctoral supervisor at Beijing Jiaotong University. Her main research interests include cloud-edge collaborative intelligence and heterogeneous network security.
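Abstract:
To address the problems that network intrusion detection systems for the Internet of Things cannot identify new types of attacks and have limited flexibility, a honeyfarm-based network intrusion detection system that can effectively identify abnormal traffic and has continuous learning capability was proposed. First, drawing on the characteristics of the convolutional block attention module, an abnormal traffic detection model focusing on both the channel and spatial dimensions was constructed to improve the model's recognition ability. Second, a model training scheme under federated learning was used to improve the model's generalization ability. Finally, the abnormal traffic detection models at the edge nodes were updated and iterated based on the honeyfarm, thereby improving the system's accuracy in identifying new attack traffic. Experimental results show that the proposed system can not only effectively detect abnormal behavior in network traffic but also continuously improve its detection performance on abnormal traffic.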
Hao WU, Jiajia HAO, Yunlong LU. Research on distributed network intrusion detection system for IoT based on honeyfarm[J]. Journal on Communications, 2024, 45(1): 106-118.
Table 3: Comparison of the performance metrics of each model

NIDS model | Accuracy | Abnormal traffic: Precision | Abnormal traffic: Recall | Abnormal traffic: F1-score | Normal traffic: Precision | Normal traffic: Recall | Normal traffic: F1-score
LocalCBAM | 88.88% | 99.93% | 59.39% | 74.50% | 86.73% | 99.98% | 92.89%
FedAE | 91.98% | 99.98% | 70.70% | 82.83% | 90.06% | 99.99% | 94.77%
FedCAE | 93.19% | 99.82% | 75.26% | 85.81% | 91.47% | 99.94% | 95.52%
FedCBAM | 94.47% | 98.76% | 80.81% | 88.89% | 93.24% | 99.62% | 96.32%