Network intrusion detection model SGM-CNN based on class imbalance processing

A technology of network intrusion detection and balanced processing, applied in biological neural network models, electrical components, transmission systems, etc., can solve problems such as not considering data classification performance, reducing detection rate, class imbalance, etc., to achieve outstanding substantive features , improve the detection rate, avoid the effect of time and space cost

Inactive Publication Date: 2020-10-02
ZHENGZHOU UNIV
View PDF0 Cites 11 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, previous studies did not consider the impact of data class imbalance on classification performance, which greatly reduces the detection rate, especially the detection rate

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network intrusion detection model SGM-CNN based on class imbalance processing
  • Network intrusion detection model SGM-CNN based on class imbalance processing
  • Network intrusion detection model SGM-CNN based on class imbalance processing

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0033] The technical solutions of the present invention will be described in further detail below through specific implementation methods.

[0034] like figure 1 As shown, a network intrusion detection method based on class imbalance processing technology, the method includes:

[0035] Obtain the network data flow to be identified;

[0036] The network data flow to be identified is input into a pre-established intrusion detection model based on a one-dimensional convolutional neural network (1DCNN), and a detection result of the network data flow is output.

[0037] The network intrusion detection model based on class imbalance processing technology is established in the following manner:

[0038] Obtain the network data flow to be identified, and perform data preprocessing on the data flow sample.

[0039] Specifically, the data sample is preprocessed in the following manner:

[0040] (1) Feature digitization: Since machine learning algorithms cannot directly process nomi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

For the data class imbalance problem, the present invention provides an effective network intrusion detection model SGM-CNN based on a Synthetic Minority Over-Sampling Technique (SMOTE) and a GaussianMixture Model (GMM) based on a data flow. According to the technical scheme, the method comprises the steps of firstly obtaining a to-be-identified network data flow; and preprocessing the data stream, inputting the preprocessed data stream into a pre-established network intrusion detection model based on a one-dimensional convolutional neural network (1D CNN), and outputting a detection result of the network data stream. The invention provides a class imbalance processing technology, namely an SGM, for large-scale data. The SGM firstly uses SMOTE to perform oversampling on minority class samples, then uses GMM to perform clustering-based downsampling on majority class samples, and finally balances data of each class. According to the SGM method, expensive time and space cost caused by oversampling is avoided, the situation that important samples are lost due to random downsampling is avoided, and the detection rate of minority classes is remarkably increased.

Description

technical field [0001] The invention belongs to the field of intrusion detection in network security, and in particular relates to a data flow-based network intrusion detection model based on class imbalance processing. Background technique [0002] According to Cisco's forecast, from 2017 to 2022, the number of connected smart devices will double, resulting in a rapid five-fold increase in data traffic. As networks continue to expand in scope and scale, the threat of network intrusion is greater than ever. Under such circumstances, intrusion detection systems (IDS), which are widely used to sniff and detect different types of network intrusions, need to keep pace with the times to meet the increasing demand for network security assurance. Modern NIDS mainly fall into two categories: rule-based misuse detection and statistics-based anomaly detection. The former is used to store a database of attributes of all known attacks, and if the extracted attributes match those in th...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06G06N3/08G06N3/04
CPCH04L63/1416G06N3/08G06N3/045
Inventor 张宏坡黄璐璐董忠仁张洋
Owner ZHENGZHOU UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap