Wang Hui, Wang Dongming, Li Dejian, Zeng Lin, Wang Zhe
{"title":"一种基于无监督学习的网络入侵检测框架","authors":"Wang Hui, Wang Dongming, Li Dejian, Zeng Lin, Wang Zhe","doi":"10.1109/AIID51893.2021.9456542","DOIUrl":null,"url":null,"abstract":"Anomaly detection is the primary method of detecting intrusion. Unsupervised models, such as auto-encoders network, auto-encoder, and GMM, are currently the most widely used anomaly detection techniques. In reality, the samples used to train the unsupervised model may not be pure enough and may include some abnormal samples. However, the classification effect is poor since these approaches do not completely understand the association between reconstruction errors, reconstruction characteristics, and irregular sample density distribution. This paper proposes a novel intrusion detection system architecture that includes data collection, processing, and feature extraction by integrating data reconstruction features, reconstruction errors, auto-encoder parameters, and GMM. Our system outperforms other unsupervised learning-based detection approaches in terms of accuracy, recall, F1-score, and other assessment metrics after training and testing on multiple intrusion detection data sets.","PeriodicalId":412698,"journal":{"name":"2021 IEEE International Conference on Artificial Intelligence and Industrial Design (AIID)","volume":"37 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-05-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A Framework For Network Intrusion Detection Based on Unsupervised Learning\",\"authors\":\"Wang Hui, Wang Dongming, Li Dejian, Zeng Lin, Wang Zhe\",\"doi\":\"10.1109/AIID51893.2021.9456542\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Anomaly detection is the primary method of detecting intrusion. Unsupervised models, such as auto-encoders network, auto-encoder, and GMM, are currently the most widely used anomaly detection techniques. In reality, the samples used to train the unsupervised model may not be pure enough and may include some abnormal samples. However, the classification effect is poor since these approaches do not completely understand the association between reconstruction errors, reconstruction characteristics, and irregular sample density distribution. This paper proposes a novel intrusion detection system architecture that includes data collection, processing, and feature extraction by integrating data reconstruction features, reconstruction errors, auto-encoder parameters, and GMM. Our system outperforms other unsupervised learning-based detection approaches in terms of accuracy, recall, F1-score, and other assessment metrics after training and testing on multiple intrusion detection data sets.\",\"PeriodicalId\":412698,\"journal\":{\"name\":\"2021 IEEE International Conference on Artificial Intelligence and Industrial Design (AIID)\",\"volume\":\"37 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-05-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 IEEE International Conference on Artificial Intelligence and Industrial Design (AIID)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/AIID51893.2021.9456542\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 IEEE International Conference on Artificial Intelligence and Industrial Design (AIID)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/AIID51893.2021.9456542","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Framework For Network Intrusion Detection Based on Unsupervised Learning
Anomaly detection is the primary method of detecting intrusion. Unsupervised models, such as auto-encoders network, auto-encoder, and GMM, are currently the most widely used anomaly detection techniques. In reality, the samples used to train the unsupervised model may not be pure enough and may include some abnormal samples. However, the classification effect is poor since these approaches do not completely understand the association between reconstruction errors, reconstruction characteristics, and irregular sample density distribution. This paper proposes a novel intrusion detection system architecture that includes data collection, processing, and feature extraction by integrating data reconstruction features, reconstruction errors, auto-encoder parameters, and GMM. Our system outperforms other unsupervised learning-based detection approaches in terms of accuracy, recall, F1-score, and other assessment metrics after training and testing on multiple intrusion detection data sets.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
