Masquerade intrusion detection method and device based on deep neural network

A technology of deep neural network and intrusion detection, which is applied to biological neural network models, neural architectures, computer security devices, etc. It can solve the problems of low accuracy of intrusion detection and the inability to accurately capture the timing of behavior sequences, so as to improve accuracy Effect

Active Publication Date: 2017-07-14
STATE GRID CORP OF CHINA +1
View PDF5 Cites 31 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] However, the above-mentioned anomaly detection methods cannot accurately capture the timing of the entire behavior sequence, resulting in low accuracy of intrusion detection.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Masquerade intrusion detection method and device based on deep neural network
  • Masquerade intrusion detection method and device based on deep neural network
  • Masquerade intrusion detection method and device based on deep neural network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0035] The following will clearly and completely describe the technical solutions in the embodiments of the application with reference to the drawings in the embodiments of the application. Apparently, the described embodiments are only some of the embodiments of the application, not all of them. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of this application.

[0036] Embodiments of the present invention provide a method for detecting masquerading intrusions based on a deep neural network, such as figure 1 As shown, the method includes:

[0037] S100. Obtain behavior flow data of at least two users within a preset time period;

[0038] Among them, the behavior flow data of all legal users in the enterprise in a few months or a year can be obtained, where the data source of the behavior flow data can be the system shell command records, user acces...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a masquerade intrusion detection method based on a deep neural network. The masquerade intrusion detection method comprises obtaining behavior flow data of at least two users; initializing a super parameter set and a parameter set; acquiring positive samples and negative samples to form a training data set by aiming at each user; sequentially calculating the parameter value of each parameter by means of the training data set, a loss function and an optimization algorithm; querying behavior data corresponding to the behavior sequence to be detected of the user from a behavior embedding representation query table and adding the behavior data to a behavior embedding representation sequence; carrying out convolution operation, pooling operation and operation corresponding to the long short-term memory artificial neural network on the behavior embedding representation sequence to obtain a second behavior sequence; calculating the probability of that the second behavior sequence is a normal behavior sequence; and determining whether the user's behavior is a masquerade intrusion behavior or not in dependence on the probability value. According to the invention, local strong relativity, long-range dependence and time sequence of the behavior are taken into account at the same time, and the masquerade intrusion detection accuracy is improved.

Description

technical field [0001] The present application relates to the technical field of information data processing, and more specifically, to a detection method and device for masquerading and intrusion. Background technique [0002] Masquerade intrusion refers to the intrusion behavior that unauthorized users enter a certain system by pretending to be legitimate users, access and modify key data or perform other illegal operations. This intrusion has become one of the most serious security threats to computer and network infrastructure. [0003] The current masquerade intrusion detection methods mostly use the anomaly detection method. The anomaly detection method is based on the masquerading intrusion detection based on the relevant information of user behavior. This type of method considers the relevant information between adjacent behaviors through the n-gram model, and at the same time considers adjacent behaviors. The two types of related information, such as non-adjacent be...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56H04L29/06G06N3/04
CPCG06F21/566G06N3/04G06N3/049H04L63/1416
Inventor 刘俊恺夏飞王毅张立强余伟吴立斌张明明李鹏季晓凯蒋铮王艳青彭轼魏桂臣丁一新张利李萌黄高攀汤雷
Owner STATE GRID CORP OF CHINA
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap