EB-GAN:基于BiGAN的网络流量异常检测方法  被引量：5

作　　者：胡梦娜 何强 贾俊铖[1] 金映言 马标 那幸仪 Hu Mengna;He Qiang;Jia Juncheng;Jin Yingyan;Ma Biao;Na Xingyi(School of Computer Science and Technology,Soochow University,Suzhou 215000,Jiangsu,China;State Key Laboratory of Media Convergence Production Technology and Systems,Xinhua News Agency,Beijing 100803,China)

机构地区：[1]苏州大学计算机科学与技术学院,江苏苏州215000 [2]新华社媒体融合生产技术与系统国家重点实验室,北京100803

出　　处：《计算机应用与软件》2023年第6期303-309,共7页Computer Applications and Software

基　　金：中国博士后科学基金项目(2017M611905);江苏省高等学校自然科学研究面上项目(17KJB520034);苏州市科技项目(SS201701,SYSD20192152);江苏高校优势学科建设工程资助项目(PAPD)。

摘　　要：网络入侵检测系统是网络安全的重要组成部分,被用来检测并防御各种外来攻击。作为入侵检测尤为重要的方法之一,传统的异常检测模型存在误报率高、性能差等问题。针对这些问题,提出一种网络流量异常检测模型Enhanced BiGAN(EB-GAN)。使用BiGAN基本网络框架学习真实复杂数据的分布;GAN的鉴别器使用双向长短期记忆网络捕捉序列分布的时间相关性,添加注意力机制使模型更有效地找到输入数据与当前输出数据之间的相关信息,从而提高检测率;结合WGAN和混合增强GAN的损失函数使得模型训练收敛更快。利用KDDCUP1999数据集对该方法进行了实验评价。实验结果表明,该方法优于对比的流量异常检测方法。Network intrusion detection system(NIDS)is an important part of network security,which is used to detect and defend against various foreign attacks.As one of the most important methods of intrusion detection,the traditional anomaly detection model has some problems such as high false positives and poor performance.In order to solve these problems,this paper proposes an enhanced BiGAN(EB-GAN)network traffic anomaly detection model.The basic network framework of BiGAN was used to learn the distribution of real complex data.GAN discriminator used bidirectional long short-term memory network to capture the time correlation of sequence distribution,and attention mechanism was added,so that the model could more effectively find the relevant information between the input data and the current output data,thus improving the detection rate.The model training converged faster by combining the loss function of WGAN and mixed augmented GAN.KDDCUP1999 data set was used to evaluate the proposed method.Experimental results show that this method is superior to the contrastive flow anomaly detection methods.

关 键 词：异常检测 生成对抗网络 长短期记忆网络 注意力机制 

分 类 号：TP3[自动化与计算机技术—计算机科学与技术]