Journal of Tsinghua University (Science and Technology)  2022, Vol. 62 Issue (5): 842-848    DOI: 10.16511/j.cnki.qhdxxb.2022.22.006
Special topic: Vulnerability Analysis and Risk Assessment
Network security situation assessments with parallel feature extraction and an improved BiGRU
YANG Hongyu (1,2), ZHANG Zixin (2), ZHANG Liang (3)
1. School of Safety Science and Engineering, Civil Aviation University of China, Tianjin 300300, China;
2. School of Computer Science and Technology, Civil Aviation University of China, Tianjin 300300, China;
3. Department of Information, University of Arizona, Tucson 85721, USA
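Abstract (from the Chinese original): To address the shortcomings of current network security situation assessment methods in feature extraction and efficiency, this paper proposes a network security situation assessment method based on parallel feature extraction and an improved bidirectional gated recurrent unit (BiGRU), and designs a deep learning model (PFEN-ABiGRU) composed of a parallel feature extraction network (PFEN) and a BiGRU improved with an attention mechanism. The PFEN module consists of parallel sparse encoders that extract the key information of different network threats in a differentiated manner and fuse the extracted features with the original information. The ABiGRU module weights the key features through the attention mechanism to improve the model's accuracy. The trained PFEN-ABiGRU model is used for network threat detection, and the network security situation value is calculated from the threat detection results combined with the proposed network security situation quantification indicators. Experimental results show that PFEN-ABiGRU outperforms the other compared models in both precision and recall.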
Abstract: Current network security situation assessment methods have limited feature extraction capabilities and could be more efficient. This paper presents a network security situation assessment method that uses a parallel feature extraction network (PFEN) and an improved bi-directional gated recurrent unit (BiGRU). A deep learning model is designed with a PFEN and a BiGRU based on an attention mechanism (ABiGRU). The PFEN module has parallel sparse auto-encoders which identify key data out of the network traffic and integrate this data with the original features. Then, the ABiGRU module weights the key features through the attention mechanism to improve the model accuracy. The trained PFEN-ABiGRU is then applied to network threat detection. The model detection results are combined with a network security quantification method to calculate a network security situation index. Tests indicate that the PFEN-ABiGRU assessments have better accuracy and recall rates than other model assessment results.
Key words: parallel feature extraction; attention mechanism; bi-directional gated recurrent unit (BiGRU); situation assessments
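Received: 2021-09-22      Published: 2022-04-26
Funding: Civil Aviation Joint Research Project of the National Natural Science Foundation of China (U1833107)
About the author: YANG Hongyu (born 1969), male, Ph.D., professor. E-mail: yhyxlx@hotmail.com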
Cite this article:
YANG Hongyu, ZHANG Zixin, ZHANG Liang. Network security situation assessments with parallel feature extraction and an improved BiGRU. Journal of Tsinghua University (Science and Technology), 2022, 62(5): 842-848.
Link to this article:
http://jst.tsinghuajournals.com/CN/10.16511/j.cnki.qhdxxb.2022.22.006  or  http://jst.tsinghuajournals.com/CN/Y2022/V62/I5/842