Computer Engineering and Applications ›› 2022, Vol. 58 ›› Issue (1): 134-142.DOI: 10.3778/j.issn.1002-8331.2007-0507

• Network, Communication and Security • Previous Articles     Next Articles

Network Security Situation Elements Acquisition for Sample Imbalance

ZHANG Xin, ZHU Jiang   

  1. School of Communication and Information Engineering, Chongqing University of Posts and Telecommunications, Chongqing 400065, China
  • Online:2022-01-01 Published:2022-01-06

面向样本不平衡的网络安全态势要素获取

张欣,朱江   

  1. 重庆邮电大学 通信与信息工程学院,重庆 400065

Abstract: For the traditional element acquisition mechanism, when the sample distribution is unbalanced, the samples with a small proportion(collectively referred to as small samples) cannot be effectively detected. Accurately identifying each attack sample has become one of the research hotspots, and an element acquisition model for imbalance sample is proposed by using deep learning. Firstly, it uses convolutional neural network as the base classifier to extract the deep features of network data. Then, GAN is used to generate a countermeasure network to expand small samples to solve the problem of unbalanced sample distribution. Finally, transfer learning is used on the expanded balanced data set to speed up the training time of the base classifier to the new classification adapted to small samples. Experiments on the NSL-KDD dataset show that the dataset expanded by generating the confrontation network, combined with transfer learning, effectively accelerates the model training convergence speed, and effectively improves the classification accuracy of the network security situation elements.

Key words: situation element, sample characteristics, convolutional neural network, transfer learning, generative adversarial network

摘要: 针对传统的网络安全态势要素获取模型中,当样本分布不平衡时,占比很少的样本(统称小样本)不能被有效检测,准确识别到每一类攻击样本成为研究热点之一。利用深度学习提出了一种面向样本不平衡的要素获取模型,利用卷积神经网络作为基分类器提取网络数据的深层特征,其次使用GAN生成对抗网络扩充小样本的方法,解决样本分布不均衡问题。在扩充后的平衡数据集上采用迁移学习,加快基分类器到适应于小样本的新分类的训练时间。在NSL-KDD数据集上的实验表明,经过生成对抗网络扩充后的数据集,结合迁移学习有效加快了模型训练收敛速度,并有效提高网络安全态势要素获取的分类精度。

关键词: 态势要素, 样本特征, 卷积神经网络, 迁移学习, 生成对抗网络