Journal on Communications ›› 2013, Vol. 34 ›› Issue (9): 166-176. doi: 10.3969/j.issn.1000-436x.2013.09.020
• Technical Report •
Ling ZHANG, Zhong-ying BAI, Shou-shan LUO, Kang XIE, Guan-ning CUI, Mao-hua SUN
Online: 2013-09-25
Published: 2017-07-05
Ling ZHANG,Zhong-ying BAI,Shou-shan LUO,Kang XIE,Guan-ning CUI,Mao-hua SUN. Integrated intrusion detection model based on rough set and artificial immune[J]. Journal on Communications, 2013, 34(9): 166-176.
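Category | Method | Reference | Detection rate | False alarm rate |
Immune principle | RFID | [ | approx. 0.98 | approx. 0.006 |
Immune principle | Clonal immunity | [ | greater than 0.95 | approx. 0.14 |
Immune principle | IAIS | [ | 0.969 1 | 0.032 1 |
Immune principle | NIDAAC | [ | 0.956 2~0.960 6 | 0.019 5~0.040 4 |
Immune principle | Immune agent | [ | 0.084~0.995 | None |
Immune principle | NSA | [ | approx. 0.95 | approx. 0.01 |
Immune principle | DCA | [ | approx. 0.75 | approx. 0 |
Rough set | RSSVM | [ | approx. 0.98 | approx. 0.05 |
Rough set | Integrated classification algorithm | [ | 94.24 | 0.28 |
Rough set | RS-FSVM | [ | 0.90 | 14.24 |
Other algorithms | AdaBoost | [ | 0.900 4~0.908 8 | 0.065 5~0.089 |
Other algorithms | K-NN | [ | 0.910 0 | 0.080 0 |
Other algorithms | HMM | [ | 0.951 6 (average) | 0.013 2 (average) |
Other algorithms | PNrule | [ | 0.911 0 | 0.004 0 |
Other algorithms | FSA | [ | 0.987 (misuse) | 0.042 8 |
Other algorithms | FSA | [ | 0.944 (anomaly) | 0.122 |
RSAI-IID | | This paper | 0.978 6 | 0.026 8 |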
[1] | ANDERSON J P. Computer Security Threat Monitoring and Surveillance[R]. Pennsylvania, 1980. |
[2] | QING S H, JIANG J C, MA H T. Research on intrusion detection techniques: a survey[J]. Journal on Communications, 2004,24(7): 19-29. |
[3] | DENNING DOROTHY E. An intrusion detection model[J]. IEEE Transactions on Software Engineering, 1987,13(2): 222-232. |
[4] | FORREST S, PERELSON A, ALLEN L, et al. Self-nonself discrimination in a computer[A]. Proceedings of the 1994 IEEE Symposium on Research in Security and Privacy[C]. Los Alamitos, 1994. 202-212. |
[5] | HOFMEYR S, FORREST S. Architecture for an artificial immune system[J]. Evolutionary Computation, 2000,8(4): 443-473. |
[6] | YANG H, GUO J H, DENG F Q. Collaborative RFID intrusion detection with an artificial immune system[J]. Journal of Intelligent Information Systems, 2011,36(1): 1-26. |
[7] | LIANG K X, LI T, LIU Y. A new model of intrusion detection based on artificial immune theory[J]. Computer Engineering and Applications, 2005,41(2): 129-133. |
[8] | OU C M. Host-based intrusion detection systems adapted from agent-based artificial immune systems[J]. Neuro Computing, 2011,88(1): 1-9. |
[9] | CHEN Y B, FENG C, ZHANG Q. Integrated artificial immune system for intrusion detection[J]. Journal on Communications, 2012,33(2): 125-131. |
[10] | ZENG J, LIU X J, LI T, et al. A novel intrusion detection approach learned from the change of antibody concentration in biological immune response[J]. Springer Applied Intelligence, 2011,35(1): 41-62. |
[11] | LI Y Z, JING C W, XU J. A New Distributed Intrusion Detection Method Based on Immune Mobile Agent[R]. Berlin: Springer, 2010. 233-243. |
[12] | PAWLAK Z. Rough sets[J]. International Journal of Computer and Information Sciences, 1982,11(5): 341-356. |
[13] | PAWLAK Z, GRZYMALA-BUSSE J, SLOWINSKI R. Rough sets[J]. Communications of the ACM, 1995,38(11): 88-95. |
[14] | GU C H, ZHANG X Q. A rough set and SVM based intrusion detection classifier[A]. 2009 the Second International Workshop on Computer Science and Engineering[C]. Qingdao, China, 2009.155: 106-110. |
[15] | ZHU Y C, XIONG W, JING Y W. Design and realization of integrated classifier based on Rough Set[J]. Journal on Communications, 2006,24(11): 63-67. |
[16] | LI L, ZHAO K N. A new intrusion detection system based on rough set theory and fuzzy support vector machine[A]. IEEE Intelligent Systems and Applications (ISA)[C]. Wuhan, China, 2011. 1-5. |
[17] | QIAN J, MIAO D Q, ZHANG Z H. Knowledge reduction algorithms in cloud computing[J]. Chinese Journal of Computers, 2011,34(12): 2332-2343. |
[18] | MIAO D Q, LI D G. Rough Sets Theory Algorithms and Applications[M]. Beijing: Tsinghua University Press, 2008. |
[19] | GONZALEZ F A, DASGUPTA D. Anomaly detection using real-valued negative selection[J]. Genetic Programming and Evolvable Machines, 2003,4(4): 383-403. |
[20] | GREENSMITH J, TWYCROSS J, AICKELIN U. Dendritic cells for anomaly detection[A]. IEEE Congress on Evolutionary Computation (CEC2006)[C]. Vancouver, Canada, 2006. 664-671. |
[21] | GU F, GREENSMITH J, AICKELIN U. Further exploration of the dendritic cell algorithm[A]. International Conference on Artificial Immune System[C]. Phuket, Thailand, 2008. 142-153. |
[22] | HU W M, HU W, MAYBANK S. Adaboost-based algorithm for network intrusion detection[A]. IEEE Trans Syst Man Cybern Part B-Cybern[C]. Beijing, China, 2008. 577-583. |
[23] | KAYACIK H G, ZINCIR-HEYWOOD A N, HEYWOOD M I. Selecting features for intrusion detection: a feature relevance analysis on KDD 99 intrusion detection datasets[A]. The Third Annual Conference on Privacy, Security and Trust[C]. New Brunswick, Canada, 2006. 85-89. |
[24] | WU S Y, TIAN X G. Method for anomaly detection of user behaviors based on hidden Markov models[J]. Journal on Communications, 2007,28(4): 38-43. |
[25] | AGARWAL R, JOSHI M V. PNrule: a new framework for learning classifier models in data mining (a case-study in network intrusion detection)[A]. The First SIAM Conference on Data Mining[C]. Chicago, USA, 2001. 1-17. |
[26] | SHINGO M, CHEN C, LU N N. Intrusion-detection model based on fuzzy class-association-rule mining using genetic programming network[J]. IEEE Transactions on Systems, Man, and Cybernetics, 2011,41(1): 130-139. |