مقاله انگلیسی رایگان در مورد سیستم تشخیص نفوذ براساس یک مدل کمی – IEEE 2019

IEEE

 

مشخصات مقاله
ترجمه عنوان مقاله یک سیستم تشخیص نفوذ براساس یک مدل کمی حالت تعامل بین درگاه ها
عنوان انگلیسی مقاله An Intrusion Detection System Based on a Quantitative Model of Interaction Mode Between Ports
انتشار مقاله سال ۲۰۱۹
تعداد صفحات مقاله انگلیسی ۱۶ صفحه
هزینه دانلود مقاله انگلیسی رایگان میباشد.
پایگاه داده نشریه IEEE
نوع نگارش مقاله
مقاله پژوهشی (Research Article)
مقاله بیس این مقاله بیس نمیباشد
نمایه (index) Scopus – Master Journals List – JCR
نوع مقاله ISI
فرمت مقاله انگلیسی  PDF
ایمپکت فاکتور(IF)
۴٫۶۴۱ در سال ۲۰۱۸
شاخص H_index ۵۶ در سال ۲۰۱۹
شاخص SJR ۰٫۶۰۹ در سال ۲۰۱۸
شناسه ISSN ۲۱۶۹-۳۵۳۶
شاخص Quartile (چارک) Q2 در سال ۲۰۱۸
مدل مفهومی ندارد
پرسشنامه ندارد
متغیر ندارد
رفرنس دارد
رشته های مرتبط مهندسی کامپیوتر، مهندسی فناوری اطلاعات
گرایش های مرتبط هوش مصنوعی، شبکه های کامپیوتری
نوع ارائه مقاله
ژورنال
مجله / کنفرانس دسترسی – IEEE Access
دانشگاه  Tianjin Key Laboratory of Intelligence Computing and Novel Software Technology, Tianjin University of Technology, Tianjin 300384, China
کلمات کلیدی تشخیص ناهنجاری، حالت تعامل بین درگاه ها، تشخیص نفوذ، شبکه عصبی، بازسازی فضای فاز
کلمات کلیدی انگلیسی  Anomaly detection, interaction mode between ports, intrusion detection, neural network, phase space reconstruction
شناسه دیجیتال – doi
https://doi.org/10.1109/ACCESS.2019.2951839
کد محصول  E13988
وضعیت ترجمه مقاله  ترجمه آماده این مقاله موجود نمیباشد. میتوانید از طریق دکمه پایین سفارش دهید.
دانلود رایگان مقاله دانلود رایگان مقاله انگلیسی
سفارش ترجمه این مقاله سفارش ترجمه این مقاله

 

فهرست مطالب مقاله:
Abstract
I. Introduction
II. Related Works
III. PIMDL Model and its Characteristic Analysis
IV. Neural Network and Intrusion Detection
V. Experimental Results Analysis
Authors
Figures
References

 

بخشی از متن مقاله:
Abstract

Considering the characteristics of network traffic on the data link layer, such as massive highspeed data flow, information camouflaged easily, and the phenomenon that abnormal traffic is much smaller than the normal one, an intrusion detection system (IDS) based on the quantitative model of interaction mode between ports is proposed. The model gives the quantitative expression of Port Interaction Mode in Data Link Layer (PIMDL), focusing on improving the accuracy and efficiency of the intrusion detection by taking the arrival time distribution of traffic. The feasibility of the model proposed is proved by the phase space reconstruction and visualization method. According to the characteristics of long and short sessions, a neural network based on CNN and LSTM is designed to mine the differences between normal and abnormal models. On this basis, an improved Intrusion Detection algorithm based on a multi-model scoring mechanism is designed to classify sessions in model space. And the experiments show that the quantitative model and the improved algorithm proposed can not only effectively avoid camouflage identity information, but also improve computational efficiency, as well as increase the accuracy of small sample anomaly detection.

Introduction

To avoid the serious losses caused by network attacks, it is important to build an effective intrusion detection model to explore the existing characteristic rules in mass traffic data. As a branch of machine learning, deep learning can recognize the internal law of a certain kind of things to the maximum through training multilayer neural network, so it has a unique advantage to explore the internal law of abnormal attack traffic in massive network traffic data. Among the many problems involved in intrusion detection, the anomaly detection method is the most important one, and its key point is to design a feature set that can accurately describe network traffic [1], [2]. At present, many data sets, such as KDD’۹۹ [۳], NSL-KDD [4], UNSW-NB15 [5], CIC-IDS-2017 [6], ISCX [7], which are widely used in intrusion detection systems, have a large capacity and rich characteristics, and the neural network can be used to mine the internal rules of these data sets to realize the intrusion detection. There are a lot of achievements in previous studies, while ignoring several problems. Firstly, to obtain the previous feature set from the initial traffic, it is necessary to check all the traffic data in the first two seconds and the first 100 connections at the end of the session, however, the intrusion detection system cannot be too complex because of the massive and high-speed traffic characteristics, in practice, according to previous research methods, building feature sets from the real-time generated initial traffic will cause a lot of computational burdens. Secondly, previous studies have trained neural networks based on a large number of high-level protocol information (e.g. logon status, flag). When attackers camouflage these attributes, the classification accuracy of neural networks will be greatly affected.

ارسال دیدگاه

نشانی ایمیل شما منتشر نخواهد شد. بخش‌های موردنیاز علامت‌گذاری شده‌اند *