Self-adaptive updating network intrusion detection method

A network intrusion detection and adaptive update technology, applied in the field of cyberspace security, can solve problems such as being unable to adapt to changes in the environment, not having automatic update learning, and unable to automatically trigger automatic update of intrusion detection models.

Active Publication Date: 2021-09-10
SICHUAN UNIV
View PDF9 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] The purpose of the present invention is to provide an adaptive update network intrusion detection method, which is used to solve the problem that the traditional network intrusion detection method cannot automatically trigger the automatic update of the intrusion detection model, does not have the ability of automatic update and learning, and cannot adapt to changes in the environment question

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Self-adaptive updating network intrusion detection method
  • Self-adaptive updating network intrusion detection method
  • Self-adaptive updating network intrusion detection method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0071] combine figure 1 As shown, an adaptive update network intrusion detection method, including:

[0072] Step S100: training multiple classification models in different feature spaces through feature space mapping;

[0073] Step S200: Multiple classification models cooperate to perform intrusion detection;

[0074] Step S300: multiple classification models are automatically updated and triggered according to the difference between the current sample distribution and the historical sample distribution;

[0075] Step S400: Multiple classification models cooperate to perform adaptive update.

[0076] Periodically calculate the relative entropy changes between the newly collected sample distribution and the historical sample distribution, and automatically determine the timing of triggering the update of the intrusion detection model; 2) Through the collaborative learning of multi-classification models, the adaptive update of the intrusion detection model is realized.

[0077...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a self-adaptive updating network intrusion detection method. The method comprises the following steps that a plurality of classification models are trained in different feature spaces through feature space mapping; a plurality of classification models cooperate to perform intrusion detection; the plurality of classification models are automatically updated and triggered according to the difference between the current sample distribution and the historical sample distribution; and a plurality of classification models cooperatively perform adaptive updating. The opportunity of triggering update of the intrusion detection model is automatically determined by periodically calculating the change condition of the relative entropy of the newly collected sample distribution and the historical sample distribution; and through collaborative learning of the multi-classification model, adaptive updating of the intrusion detection model is realized, and the method can better adapt to environment change.

Description

technical field [0001] The invention relates to the technical field of network space security, in particular to an adaptive update network intrusion detection method. Background technique [0002] With the advent of the era of big data and artificial intelligence, Internet attack patterns are diversified, large-scale, and intelligent, and the attack duration is longer, faster, and the implementation cost is lower. Most of the attackers operate in groups, and most of them have specific attack targets, mainly targeting the core business systems of enterprises and institutions, and comprehensively using loopholes, social workers, new Trojan horses and other means. [0003] The traditional network intrusion detection uses the machine learning model, and the traditional machine learning model is based on the theory of structural risk minimization. It is believed that as long as the model satisfies the minimization of empirical risk and confidence risk on the training sample set, ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06K9/62G06N3/04G06N3/08G06F21/57
CPCG06N3/08G06F21/57G06N3/045G06F18/22G06F18/2135G06F18/2411
Inventor 陈文顾守珂康明
Owner SICHUAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap