Research on Intrusion Detection Based on Stacked Autoencoder and Long-short Memory

doi:10.16182/j.issn1004731x.joss.20-0112

Abstract

Abstract: As network attacks increasingly hidden, intelligent and complex. Simple machine learning cannot deal with attacks timely. A deep learning method based on the combination of SDAE and LSTM is proposed. Firstly, the distribution rules of network data are extracted intelligently layer by layer by SDAE, and the diverse anomaly features of high-dimensional data ate extracted by using coefficient penalty and reconstruction error of each coding layer. Then, LSTM’ s memory function and the powerful learning ability of sequence data are used to classify learning depth. Finally, the experiments are carried out with the UNSW-NB15 data set, which is analyzed by adjusting the time step. The experimental results show that the model has higher detection accuracy and lower false alarm rate.

Key words: deep learning, Intrusion Detection System(IDS), Stacked Denoising Autoencoder (SDAE), Long Short-Term Memory (LSTM)

CLC Number:

TP393

Lin Shuo, An Lei, Gao Zhijun, Shan Dan, Shang Wenli. Research on Intrusion Detection Based on Stacked Autoencoder and Long-short Memory[J]. Journal of System Simulation, 2021, 33(6): 1288-1296.

References

[1] 黄婷婷, 余磊. SDAE-LSTM模型在金融时间序列预测中的应用[J]. 计算机工程与应用, 2019, 55(1): 148-154.
Huang Tingting, Yu Lei.Application of SDAE-LSTM Model in Financial Time Series Prediction[J]. Computer Engineering and Applications, 2019, 55(1): 148-154.
[2] 吴亚丽, 李国婷, 付玉龙, 等. 基于自适应鲁棒性的入侵检测模型[J]. 控制与决策, 2019, 34(11): 2330-2336.
Wu Yali, Li Guoting, Fu Yulong, et al.Intrusion Detection Model based on Adaptive Robustness[J]. Control and Decision, 2019, 34(11): 2330-2336.
[3] 杨丽, 吴雨茜, 王俊丽, 等. 循环神经网络研究综述[J]. 计算机应用, 2018, 38(S2): 6-11, 31.
Yang Li, Wu Yuqian, Wang Junli, et al.Review of Recurrent Neural Network Research[J]. Journal of Computer Applications, 2018, 38(S2): 6-11, 31.
[4] Fang W J, Tan X L.Application of intrusion Detection Technology in Network Safety based on Machine Learning[J]. Safety Science (S0925-7535), 2020, 12(2): 1-6.
[5] 张文安, 洪榛, 朱俊威. 工业控制系统网络入侵检测方法综述[J]. 控制与决策, 2019, 34(11): 2277-2288.
Zhang Wenan Hong Zhen, Zhu Junwei. Overview of Network Intrusion Detection Methods for Industrial Control Systems[J]. Control and Decision, 2019, 34(11): 2277-2288.
[6] 丁红卫, 万良, 龙廷艳. 深度自编码网络在入侵检测中的应用研究[J]. 哈尔滨工业大学学报, 2019, 51(5): 185-194.
Ding Hongwei, Wan Liang, Long Tingyan.Research on Application of Deep Self-coding Network in Intrusion Detection[J]. Journal of Harbin Institute of Technology, 2019, 51(5): 185-194.
[7] 王佳林, 刘吉强, 赵迪. 基于非对称卷积自编码器和支持向量机的入侵检测模型[J]. 网络与信息安全学报, 2018, 4(11): 58-68.
Wang Jialin, Liu Jiqiang, Zhao Di.Intrusion Detection Model based on Asymmetric Convolution Autoencoder and Support Vector Machine[J]. Journal of Network and Information Security, 2018, 4(11): 58-68.
[8] 李熠, 李永忠. 基于自编码器和极限学习机的工业控制网络入侵检测算法[J]. 南京理工大学学报(自然科学版), 2019, 43(4): 408-413.
Li Yi, Li Yongzhong.Intrusion Detection Algorithm of Industrial Control Network based on Autoencoder and Extreme Learning Machine[J]. Journal of Nanjing University of Science and Technology (Nature Science Edition), 2019, 43(4): 408-413.
[9] 高忠石, 苏旸, 柳玉东. 基于PCA-LSTM的入侵检测研究[J]. 计算机科学, 2019, 46(增2): 473-476, 492.
Gao Zhongshi, Su Yang, Liu Yudong.Research on Intrusion Detection Based on PCA-LSTM[J]. Computer Science, 2019, 46(S2): 473-476, 492.
[10] 朱俊峰. 基于PCA-ANN模型中存在的问题及改进[J]. 合肥学院学报(自然科学版), 2010, 20(3): 36-39.
Zhu Junfeng.Problems and Improvements Based on PCA-ANN Model[J]. Journal of Hefei University (Natural Science Edition), 2010, 20(3): 36-39.
[11] 尚文利, 尹隆, 刘贤达, 等. 工业控制系统安全可信环境构建技术及应用[J]. 信息网络安全, 2019, 20(6): 1-10.
Shang Wenli, Yin Long, Liu Xianda, et al.Construction Technology and Application of Safe and Credible Environment for Industrial Control System[J]. Information Network Security, 2019, 20(6): 1-10.
[12] 闫腾飞, 尚文利, 赵剑明, 等. 基于遗传算法优化的OCSVM双轮廓模型异常检测算法[J]. 计算机应用研究, 2019, 36(11): 1-6.
Yan Tengfei, Shang Wenli, Zhao Jianming, et al.OCSVM Double Contour Model Anomaly Detection Algorithm based on Genetic Algorithm Optimization[J]. Computer Application Research, 2019, 36(11): 1-6.
[13] 尚文利, 闫腾飞, 赵剑明, 等. 工控通信行为的自编码特征降维和双轮廓模型异常检测方法[J].小型微型计算机系统, 2018, 39(7): 1405-1409.
Shang Wenli, Yan Tengfei, Zhao Jianming, et al.Anomaly Detection Method of Self Coding Feature Reduction and Double Contour Model of Industrial Control Communication Behavior[J]. Minicomputer System, 2018, 39(7): 1405-1409
[14] 陈防渐, 王玉彬, 陈奇芳, 等. 基于SDAE-ELM伪量测建模的高容错快速状态估计方法[J]. 电力建设, 2019, 40(11): 65-72.
Chen Fangjian, Wang Yubin, Chen Qifang, et al.High Fault-tolerant and Fast State Estimation Method based on SDAE-ELM Pseudo-measurement Modeling[J]. Electric Power Construction, 2019, 40(11): 65-72.
[15] Shao L, Cai Z Y, Liu L, et al.Performance Evaluation of Deep Feature Learning for RGB-D Image/video Classification[J]. Information Sciences (S0020-0255), 2017, 40(11): 385-386.
[16] 尚文利, 杨路瑶, 陈春雨, 等. 面向工业控制系统终端的轻量级组认证机制[J]. 信息与控制, 2019, 48(3): 344-353.
Shang Wenli, Yang Luyao, Chen Chunyu, et al.Lightweight Group Authentication Mechanism for Industrial Control System Terminals[J]. Information and Control, 2019, 48(3): 344-353.
[17] 尚文利, 张修乐, 刘贤达, 等. 工控网络局域可信计算环境构建方法与验证[J]. 信息网络安全, 2019(4): 1-10.
Shang Wenli, Zhang Xiule, Liu Xianda, et al.Construction and Verification of Local Trusted Computing Environment for Industrial Control Network[J]. Information Network Security, 2019(4): 1-10.
[18] 陈春雨, 尚文利, 赵剑明, 等. 边缘计算身份认证和隐私保护技术[J]. 自动化博览, 2018, 35(增2): 88-91.
Chen Chunyu, Shang Wenli, Zhao Jianming, et al.Edge Computing Identity Authentication and Privacy Protection Technology[J]. Automation Expo, 2018, 35(S2): 88-91.
[19] 邢瑞康, 李成海. 改进的聚类算法在入侵检测系统中的应用[J]. 火力与指挥控制, 2019, 44(2): 124-128.
Xing Ruikang, Li Chenghai.Application of Improved Clustering Algorithm in Intrusion Detection System[J]. Fire Power and Command Control, 2019, 44(2): 124-128.