• Overview of Chinese core journals
  • Chinese Science Citation Database(CSCD)
  • Chinese Scientific and Technological Paper and Citation Database (CSTPCD)
  • China National Knowledge Infrastructure(CNKI)
  • Chinese Science Abstracts Database(CSAD)
  • JST China
  • SCOPUS
Advanced Search
SHI Xinran, ZHANG Qizhi, ZHAO Gansen, ZHENG Weiping. A Network Attack Traffic Detection System Based on a Small Sample and Imbalanced Data[J]. Journal of South China Normal University (Natural Science Edition), 2021, 53(1): 100-108. DOI: 10.6054/j.jscnun.2021016
Citation: SHI Xinran, ZHANG Qizhi, ZHAO Gansen, ZHENG Weiping. A Network Attack Traffic Detection System Based on a Small Sample and Imbalanced Data[J]. Journal of South China Normal University (Natural Science Edition), 2021, 53(1): 100-108. DOI: 10.6054/j.jscnun.2021016
shu

A Network Attack Traffic Detection System Based on a Small Sample and Imbalanced Data

  • 1.

    School of Computer Science, South China Normal University, Guangzhou 510631, China

  • 2.

    Key Lab on Cloud Security and Assessment Technology of Guangzhou, Guangzhou 510631, China

More Information
  • Received Date: February 24, 2020
  • Available Online: March 23, 2021
    Graphical Abstract
    • Abstract
  • In order to solve the problem that the supervised learning method used in network attack traffic detection relies heavily on the scale of label data, an attack traffic detection system is designed and a network attack traffic detection model (CNN-Siamese) based on siamese network and deep learning convolutional neural network (CNN) is built to achieve the purpose of few-shot and uneven attack traffic detection. Subsequently, a pre-trained detection model AE-CNN-Siamese was constructed, adopting the idea of migration learning, to solve the problem of unstable prediction caused by CNN-Simaese on obtaining training samples. In addition, the contrastive loss function commonly used in a siamese network is improved. The experimental results show that CNN-Siamese can accurately detect attack traffic. Compared with CNN and CNN-SVM, it can correct the error when there is no significant gap in the false negative rate. The reporting rate is reduced from 30% to 2%; the prediction result of AE-CNN-Sia-mese is more stable than that of CNN-Siamese; the improved loss function improves the convergence speed of the model and accelerates model training.
    • FullText(HTML)
    • References (18)
  • [1]
    付钰, 李洪成, 吴晓平, 等. 基于大数据分析的APT攻击检测研究综述[J]. 通信学报, 2015, 36(11): 1-14. doi: 10.11959/j.issn.1000-436x.2015184

    FU Y, LI H C, WU X P, et al. Detecting APT attacks: a survey from the perspective of big data analysis[J]. Journal on Communications, 2015, 36(11): 1-14. doi: 10.11959/j.issn.1000-436x.2015184
    [2]
    张蕾, 崔勇, 刘静, 等. 机器学习在网络空间安全研究中的应用[J]. 计算机学报, 2018, 41(9): 1943-1975.

    ZHANG L, CUI Y, LIU J, et al. Application of machine learning in cyberspace security research[J]. Chinese Journal of Computers, 2018, 41(9): 1943-1975.
    [3]
    张玉清, 董颖, 柳彩云, 等. 深度学习应用于网络空间安全的现状、趋势与展望[J]. 计算机研究与发展, 2018, 55(6): 1117-1142.

    ZHANG Y Q, DONG Y, LIU C Y, et al. Situation, trends and prospects of deep learning applied to cyberspace security[J]. Journal of Computer Research and Development, 2018, 55(6): 1117-1142.
    [4]
    WANG M, LU Y, QIN J. A dynamic MLP-based DDoS attack detection method using feature selection and feedback[J]. Computers & Security, 2020, 88: 101645/1-14. http://www.sciencedirect.com/science/article/pii/S0167404819301890
    [5]
    NASEER S, SALEEM Y, KHALID S, et al. Enhanced network anomaly detection based on deep neural networks[J]. IEEE Access, 2018, 6: 48231-48246. doi: 10.1109/ACCESS.2018.2863036
    [6]
    KIM T, CHO S. Web traffic anomaly detection using C-LSTM neural networks[J]. Expert Systems with Applications, 2018, 106: 66-76. doi: 10.1016/j.eswa.2018.04.004
    [7]
    赵双, 陈曙晖. 基于机器学习的流量识别技术综述与展望[J]. 计算机工程与科学, 2018, 40(10): 1746-1756. doi: 10.3969/j.issn.1007-130X.2018.10.005

    ZHAO S, CHEN S H. Review: traffic identification based on machine learning[J]. Computer Engineering & Science, 2018, 40(10): 1746-1756. doi: 10.3969/j.issn.1007-130X.2018.10.005
    [8]
    CHOPRA S, HADSELL R, LECUN Y. Learning a similarity metric discriminatively, with application to face verification[C]//Proceedings of the 2005 IEEE Computer Society Conference on Computer Vision and Pattern Recognition(CVPR'05). Piscataway, NJ: IEEE, 2005: 539-546.
    [9]
    KOCH G, ZEMEL R, SALAKHUTDINOV R. Siamese neural networks for one-shot image recognition[C]//Proceedings of 32nd International Conference on Machine Learning. New York: ACM, 2015: 2252-2259.
    [10]
    TAO R, GAVVES E, SMEULDERS A. Siamese instance search for tracking[J/OJ]. ArXiv, (2016-05-19)[2020-02-05]. https://arxiv.org/abs/1605.05863.
    [11]
    BERTINETTO L, VALMADRE J, HENRIQUES J F, et al. Fully-convolutional siamese networks for object tracking[J/OL]. ArXiv, (2016-09-14)[2020-02-05]. https://arxiv.org/abs/1606.09549.
    [12]
    TAN C Q, SUN F C, KONG T, et al. A survey on deep transfer learning[C]//Proceedings of Artificial Neural Networks and Machine Learning-ICANN 2018. Berlin: Springer, 2018: 270-279.
    [13]
    SUN G L, LIANG L L, CHEN T, et al. Network traffic classification based on transfer learning[J]. Computers & Electrical Engineering, 2018, 69: 920-927. http://www.sciencedirect.com/science/article/pii/S004579061732829X
    [14]
    诸葛建伟, 唐勇, 韩心慧, 等. 蜜罐技术研究与应用进展[J]. 软件学报, 2013, 24(4): 167-184.

    ZHUGE J W, TANG Y, HAN X H, et al. Honeypot technology research and application[J]. Journal of Software, 2013, 24(4): 167-184.
    [15]
    HADSELL R, CHOPRA S, LECUN Y. Dimensionality reduction by learning an invariant mapping[C]//Procee-dings of the 2006 IEEE Computer Society Conference on Computer Vision and Pattern Recognition. Piscataway, NJ: IEEE, 2006: 1735-1742.
    [16]
    WANG W, ZHU M, ZENG X W, et al. Malware traffic classification using convolutional neural network for representation learning[C]//Proceedings of 2017 IEEE International Conference on Information Networking. Pisca-taway, NJ: IEEE, 2017: 712-717.
    [17]
    AGARAP A F. Towards building an intelligent anti-malware system: a deep learning approach using support vector machine (SVM) for malware classification[J/OL]. ArXiv, (2019-02-07)[2020-02-05]. https://arxiv.org/abs/1801.00318.
    [18]
    LIN W H, LIN H C, WANG P, et al. Using convolutional neural networks to network intrusion detection for cyber threats[C]//Proceedings of 2018 IEEE International Conference on Applied System Invention. Piscataway, NJ: IEEE, 2018: 1107-1110.
    • Related Articles

  • Related Articles

    [1]MENG Zhan, BAI Heng, ZHAO Lei. Phase Equilibrium of CO2-Hydrocarbon Mixture in Confined Space with Extended PT Equation of State[J]. Journal of South China Normal University (Natural Science Edition), 2025, 57(1): 43-50. DOI: 10.6054/j.jscnun.2025005
    [2]HE Guannan, HUANG Bo. Preparation of ZnO Light Trapping Materials and their Performance in Solar Cells[J]. Journal of South China Normal University (Natural Science Edition), 2019, 51(4): 1-6. DOI: 10.6054/j.jscnun.2019056
    [3]Degradation of Rhodamine B by Carbon Nitride Activated Sodium Persulfate under Visible Light Irradiation[J]. Journal of South China Normal University (Natural Science Edition), 2017, 49(3): 44-48.
    [4]Research Progress on Light Extraction Technology of LED[J]. Journal of South China Normal University (Natural Science Edition), 2016, 48(5): 1-7. DOI: 10.6054/j.jscnun.2016.08.001
    [5]Sheng Qian, Xue Jianming*. The Research Progress of Room Temperature Ionic Liquids in Confined Geometries[J]. Journal of South China Normal University (Natural Science Edition), 2015, 47(2): 27-31. DOI: 10.6054/j.jscnun.2014.12.014
    [6]Theoretical Study of Light (Electrostatics) Driven Molecular Switching Processes[J]. Journal of South China Normal University (Natural Science Edition), 2014, 46(6): 139-139.
    [7]Microemulsion Synthesis Of Nanosized Bismuth Oxyiodide-Titanium Dioxide Composite Particles And Photodegradation Of Bisphenol A Under Visible Light Irradiation[J]. Journal of South China Normal University (Natural Science Edition), 2013, 45(1). DOI: 10.6054/j.jscnun.2012.12.013
    [8]Kan Xue-min. photon mass and dispersion of the velocity of light in vacuum[J]. Journal of South China Normal University (Natural Science Edition), 2012, 44(3). DOI: 10.6054/j.jscnun.2012.06.016
    [9]THE FORMATION OF CHARGE-TRANSFER-COMPLEX OF ORGANICS/TIO2 AND THEIR EFFECTS ON PHOTOCATALYTIC REDUCTION OF CR6+ UNDER VISIBLE LIGHT IRRADIATION[J]. Journal of South China Normal University (Natural Science Edition), 2012, 44(2).
    [10]EXPERIMENTAL RESEARCH OF PHASE-SHIFTING DIGITAL HOLOGRAPHY BASED ON SPATIAL LIGHT MODULATOR[J]. Journal of South China Normal University (Natural Science Edition), 2009, 1(2): 44-47 .

  • Cited by

    Periodical cited type(2)

    1. 管钰晴,唐冬梅,傅云霞,孙佳媛,韩志国,张波,孔明,曹程明,雷李华. 穆勒椭偏标定方法中LM算法研究. 红外与激光工程. 2020(08): 168-176 .
    2. 汪娟,冀丽娜,白芸,黄佐华. 单波长椭偏法测量各向异性晶体光学参数的研究. 激光与光电子学进展. 2020(15): 224-232 .

    Other cited types(2)

Catalog

    Get Citation
    PDF
    XML
    Article views (681) PDF downloads (78) Cited by(4)
    Turn off MathJax
    Article Contents
    Abstract
    References
    Related Articles

    Copyright © China Research Institute of Radiowave Propagation 豫ICP备16036117号

    Address: Tel: Fax:0373-3052232 E-mail:

    Supported by: Beijing Renhe Information Technology Co., Ltd. Baidu Analytics

    /

    DownLoad:  Full-Size Img  PowerPoint
    Return
    Return