| 引用本文: |
-
苏书宾,肖利民,李书攀,黄兴旺,谢书童,吴博.基于深度学习的网络入侵检测研究综述[J].信息安全学报,已采用 [点击复制]
- sushubin,XIAO Limin,LI Shupan,HUANG Xingwang,XIE Shutong,WU Bo.State-of-the-Art Survey of Network Intrusion Detection Technology based on Deep Learning[J].Journal of Cyber Security,Accept [点击复制]
|
|
| 摘要: |
| 入侵检测是网络系统安全继防火墙之后的第二道防线,在网络入侵的防护中发挥着重要的作用。深度学习具有强大的自动学习能力,良好的可移植性,模型容量大等突出优点。使用深度学习方法构建入侵检测系统可以实时监测网络流量、识别更复杂的入侵行为、以及自适应检测新型攻击模式,是网络安全领域一个重要的研究方向。本文首先介绍了网络安全的当前形式,网络入侵的危害和分类,并总结了入侵检测系统的分类、评估方法、常用的机器学习方法。另外,深度学习是一种数据驱动的方法,数据集对于深度学习至关重要,因此本文对入侵检测领域的重要数据集和预处理方法也进行了详细介绍。然后,回顾了自2010年以来关于基于深度学习方法研究入侵检测系统的代表性文献,并以数据类型作为主要的分类标志对代表性方法进行分类总结。同时对深度学习在入侵检测应用中面临的挑战进行总结,分析如何更好地将基于深度学习的入侵检测系统应用到实际环境中,对此除了考虑深度学习准确率的相关指标外、本文还重点分析了深度学习模型的时间效率与可解释性的重要性。最后,对基于深度学习的入侵检测系统未来的发展进行总结,随着网络技术的发展和应用入侵检测依然面临着一系列挑战、深度学习是入侵检测的一个有效技术、优化现有深度学习技术和研究新的深度学习方法是未来提高入侵检测性能的重要研究方向。 |
| 关键词: 机器学习 深度学习 入侵检测 网络安全 |
| DOI: |
| 投稿时间:2024-03-02修订日期:2024-07-18 |
| 基金项目:福建省自然科学基金 (2023J01132648), 福建省教育厅-面上(JAT210216), 校基金-集美大学国家基金培育计划项目(ZP2022007), 国家自然科学基金项目(62272026), 国家自然科学基金青年科学基金项目(62006096), 福建省自然科学基金青年项目(2020J05146),集美大学科研基金(ZQ2021024)资助。 |
|
| State-of-the-Art Survey of Network Intrusion Detection Technology based on Deep Learning |
|
sushubin1, XIAO Limin2, LI Shupan3, HUANG Xingwang1, XIE Shutong1, WU Bo4
|
| (1.Jimei University;2.Beihang University;3.Zhengzhou University;4.Nanchang Hangkong University) |
| Abstract: |
| Intrusion detection system is called the second strobe after firewall of cyber security, and plays a crucial role in prevent-ing network intrusions. Deep learning has the outstanding advantages such as powerful automatic learning ability, good portability, and large model capacity. Using deep learning to build intrusion detection system can monitor network traf-fic in real time, identify more complex intrusion behaviors, and automatically detect the new attack patterns, making it an important research direction in the field of cyber security. This work first introduces the current situation of cyber security, the harm and classification of network intrusion, and summarizes the classification, evaluation methods, as well as commonly used machine learning methods of intrusion detection systems. In addition, deep learning is a data-driven approach, and the data sets are crucial for deep learning methods. Therefore, we have also provided a detailed introduc-tion to the important data sets and the data preprocessing methods in the field of intrusion detection. Then, the repre-sentative researches on intrusion detection system based on deep learning since 2010 are reviewed, and they are classi-fied and compared with data types as the main classification marks. Furthermore, we summarize the challenges of deep learning in intrusion detection applications, and analyze how to better apply deep learning based intrusion detection sys-tems to practice. Specifically, in addition to considering relevant indicators of deep learning accuracy, this work also focuses on analyzing the importance of time efficiency and interpretability of the deep learning models. Finally, we summarize the future development of deep learning based intrusion detection systems. With the development and appli-cation of network technology, intrusion detection still faces a series of challenges. Deep learning is an effective technol-ogy for intrusion detection, optimizing the existing deep learning techniques and researching new deep learning methods are important research directions for improving intrusion detection performance in the future. |
| Key words: machine learning deep learning intrusion detection cyber security |
