A network intrusion detection model end-to-end adversarial training defense method and device

By generating adversarial examples in the feature space and problem space and training them through dynamic game theory, the problem of insufficient adversarial example defense capability in network intrusion detection systems is solved, and the robustness and generalization ability of the model are improved.

CN121923942BActive Publication Date: 2026-06-19CHINA STATE SHIPBUILDING CORP LTD RESEARCH INSTITUTE 719

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
CHINA STATE SHIPBUILDING CORP LTD RESEARCH INSTITUTE 719
Filing Date
2026-03-26
Publication Date
2026-06-19

AI Technical Summary

Technical Problem

Existing network intrusion detection systems perform poorly when faced with adversarial examples, and existing defense methods are unable to effectively resist attacks with different perturbation intensities and spatialities, resulting in decreased model classification accuracy for clean traffic data, and a lack of diversity in training samples and a single strategy.

Method used

By setting up an adversarial sample generator based on adversarial domain constraints, adversarial samples in the feature space and problem space are generated. Through adversarial training and policy parameter optimization, a dynamic game mechanism is formed to generate diverse adversarial samples, ensuring that they comply with network protocol specifications and feature logic consistency, thereby improving the robustness of the model.

Benefits of technology

This invention enhances the intrusion detection model's defense capabilities against different attack modes, solves the problem of limited defense generalization ability in existing technologies, and improves the model's robustness and generalization.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN121923942B_ABST
    Figure CN121923942B_ABST
Patent Text Reader

Abstract

This invention relates to the field of network security technology, and more particularly to a method and apparatus for adversarial training and defense of a network intrusion detection model. The method includes: dynamically outputting attack strategies based on traffic feature vectors and current strategy parameters using an adversarial strategy generator; imposing restrictions on perturbations in the problem space through adversarial domain constraints to ensure that the generated adversarial samples conform to network protocol specifications and feature logic consistency requirements; and forming a dynamic game mechanism by alternately executing adversarial training and strategy parameter optimization between the intrusion detection model and the adversarial strategy generator. This allows the model to gradually improve its defense capabilities against mixed threats in the feature space and problem space as it continuously adapts to increasingly complex attack patterns, ultimately achieving a synergistic improvement in the robustness and generalization of the intrusion detection model.
Need to check novelty before this filing date? Find Prior Art