基于网络流量异常分析的无线网络入侵检测算法

IF 4.3 3区计算机科学 Q1 COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE

Egyptian Informatics Journal Pub Date : 2025-04-29 DOI:10.1016/j.eij.2025.100689

Xiangqian Nie, Jiao Xing, Qimeng Li, Fan Xiao

{"title":"基于网络流量异常分析的无线网络入侵检测算法","authors":"Xiangqian Nie, Jiao Xing, Qimeng Li, Fan Xiao","doi":"10.1016/j.eij.2025.100689","DOIUrl":null,"url":null,"abstract":"<div><div>Due to the openness and sharing nature of wireless networks, they are vulnerable to various network attacks. To promptly identify and mitigate abnormal behaviors while ensuring normal operation and security, this paper proposes an algorithm for detecting compromised nodes in wireless networks based on network traffic anomaly analysis. In the proposed detection architecture, a network traffic data acquisition module mines and reconstructs real-time traffic data from wireless nodes, removing redundant information. The processed data is then fed into an anomaly analysis module, where abnormal traffic features are extracted and dimensionality-reduced via a stacked autoencoder to form standardized anomaly profiles. These features are analyzed by an intrusion detection module combining particle swarm optimization and support vector machine algorithms. Experimental results demonstrate that the algorithm efficiently extracts traffic anomalies, accurately detects attack duration and traffic volume changes in compromised nodes, and maintains a false detection rate below 6 %.</div></div>","PeriodicalId":56010,"journal":{"name":"Egyptian Informatics Journal","volume":"30 ","pages":"Article 100689"},"PeriodicalIF":4.3000,"publicationDate":"2025-04-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Intrusion detection algorithm of wireless network based on network traffic anomaly analysis\",\"authors\":\"Xiangqian Nie, Jiao Xing, Qimeng Li, Fan Xiao\",\"doi\":\"10.1016/j.eij.2025.100689\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>Due to the openness and sharing nature of wireless networks, they are vulnerable to various network attacks. To promptly identify and mitigate abnormal behaviors while ensuring normal operation and security, this paper proposes an algorithm for detecting compromised nodes in wireless networks based on network traffic anomaly analysis. In the proposed detection architecture, a network traffic data acquisition module mines and reconstructs real-time traffic data from wireless nodes, removing redundant information. The processed data is then fed into an anomaly analysis module, where abnormal traffic features are extracted and dimensionality-reduced via a stacked autoencoder to form standardized anomaly profiles. These features are analyzed by an intrusion detection module combining particle swarm optimization and support vector machine algorithms. Experimental results demonstrate that the algorithm efficiently extracts traffic anomalies, accurately detects attack duration and traffic volume changes in compromised nodes, and maintains a false detection rate below 6 %.</div></div>\",\"PeriodicalId\":56010,\"journal\":{\"name\":\"Egyptian Informatics Journal\",\"volume\":\"30 \",\"pages\":\"Article 100689\"},\"PeriodicalIF\":4.3000,\"publicationDate\":\"2025-04-29\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Egyptian Informatics Journal\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S1110866525000829\",\"RegionNum\":3,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Egyptian Informatics Journal","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1110866525000829","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}

引用次数: 0

摘要

由于无线网络的开放性和共享性，极易受到各种网络攻击。为了在保证网络正常运行和安全的前提下及时识别和缓解异常行为，本文提出了一种基于网络流量异常分析的无线网络受损节点检测算法。在所提出的检测体系结构中，网络流量数据采集模块从无线节点中挖掘和重构实时流量数据，去除冗余信息。然后将处理后的数据输入异常分析模块，在该模块中，通过堆叠自编码器提取异常交通特征并进行降维，形成标准化的异常概况。利用粒子群算法和支持向量机算法相结合的入侵检测模块对这些特征进行分析。实验结果表明，该算法能够有效地提取流量异常，准确地检测出被攻击节点的攻击持续时间和流量变化，并将检测错误率保持在6%以下。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Intrusion detection algorithm of wireless network based on network traffic anomaly analysis

Due to the openness and sharing nature of wireless networks, they are vulnerable to various network attacks. To promptly identify and mitigate abnormal behaviors while ensuring normal operation and security, this paper proposes an algorithm for detecting compromised nodes in wireless networks based on network traffic anomaly analysis. In the proposed detection architecture, a network traffic data acquisition module mines and reconstructs real-time traffic data from wireless nodes, removing redundant information. The processed data is then fed into an anomaly analysis module, where abnormal traffic features are extracted and dimensionality-reduced via a stacked autoencoder to form standardized anomaly profiles. These features are analyzed by an intrusion detection module combining particle swarm optimization and support vector machine algorithms. Experimental results demonstrate that the algorithm efficiently extracts traffic anomalies, accurately detects attack duration and traffic volume changes in compromised nodes, and maintains a false detection rate below 6 %.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Egyptian Informatics Journal Decision Sciences-Management Science and Operations Research

CiteScore

11.10

自引率

1.90%

发文量

审稿时长

110 days

期刊介绍： The Egyptian Informatics Journal is published by the Faculty of Computers and Artificial Intelligence, Cairo University. This Journal provides a forum for the state-of-the-art research and development in the fields of computing, including computer sciences, information technologies, information systems, operations research and decision support. Innovative and not-previously-published work in subjects covered by the Journal is encouraged to be submitted, whether from academic, research or commercial sources.