• 文献检索
  • 文档翻译
  • 深度研究
  • 学术资讯
  • Suppr Zotero 插件Zotero 插件
  • 邀请有礼
  • 套餐&价格
  • 历史记录
应用&插件
Suppr Zotero 插件Zotero 插件浏览器插件Mac 客户端Windows 客户端微信小程序
定价
高级版会员购买积分包购买API积分包
服务
文献检索文档翻译深度研究API 文档MCP 服务
关于我们
关于 Suppr公司介绍联系我们用户协议隐私条款
关注我们

Suppr 超能文献

核心技术专利:CN118964589B侵权必究
粤ICP备2023148730 号-1Suppr @ 2026

文献检索

告别复杂PubMed语法,用中文像聊天一样搜索,搜遍4000万医学文献。AI智能推荐,让科研检索更轻松。

立即免费搜索

文件翻译

保留排版,准确专业,支持PDF/Word/PPT等文件格式,支持 12+语言互译。

免费翻译文档

深度研究

AI帮你快速写综述,25分钟生成高质量综述,智能提取关键信息,辅助科研写作。

立即免费体验

基于数据流分类和概念漂移的增量学习遗传编程组合器的增强入侵检测。

Enhanced Intrusion Detection with Data Stream Classification and Concept Drift Guided by the Incremental Learning Genetic Programming Combiner.

机构信息

School of Computer Sciences, Universiti Sains Malaysia, USM, Gelugor 11800, Pulau Penang, Malaysia.

National Advanced IPv6 Centre (NAv6), Universiti Sains Malaysia, USM, Gelugor 11800, Pulau Penang, Malaysia.

出版信息

Sensors (Basel). 2023 Apr 4;23(7):3736. doi: 10.3390/s23073736.

DOI:10.3390/s23073736
PMID:37050795
原文链接:https://pmc.ncbi.nlm.nih.gov/articles/PMC10098915/
Abstract

Concept drift (CD) in data streaming scenarios such as networking intrusion detection systems (IDS) refers to the change in the statistical distribution of the data over time. There are five principal variants related to CD: incremental, gradual, recurrent, sudden, and blip. Genetic programming combiner (GPC) classification is an effective core candidate for data stream classification for IDS. However, its basic structure relies on the usage of traditional static machine learning models that receive onetime training, limiting its ability to handle CD. To address this issue, we propose an extended variant of the GPC using three main components. First, we replace existing classifiers with alternatives: online sequential extreme learning machine (OSELM), feature adaptive OSELM (FA-OSELM), and knowledge preservation OSELM (KP-OSELM). Second, we add two new components to the GPC, specifically, a data balancing and a classifier update. Third, the coordination between the sub-models produces three novel variants of the GPC: GPC-KOS for KA-OSELM; GPC-FOS for FA-OSELM; and GPC-OS for OSELM. This article presents the first data stream-based classification framework that provides novel strategies for handling CD variants. The experimental results demonstrate that both GPC-KOS and GPC-FOS outperform the traditional GPC and other state-of-the-art methods, and the transfer learning and memory features contribute to the effective handling of most types of CD. Moreover, the application of our incremental variants on real-world datasets (KDD Cup '99, CICIDS-2017, CSE-CIC-IDS-2018, and ISCX '12) demonstrate improved performance (GPC-FOS in connection with CSE-CIC-IDS-2018 and CICIDS-2017; GPC-KOS in connection with ISCX2012 and KDD Cup '99), with maximum accuracy rates of 100% and 98% by GPC-KOS and GPC-FOS, respectively. Additionally, our GPC variants do not show superior performance in handling blip drift.

摘要

概念漂移(CD)在网络入侵检测系统(IDS)等数据流场景中是指数据的统计分布随时间的变化。与 CD 相关的主要变体有五种:增量、渐进、递归、突发和脉冲。遗传编程组合器(GPC)分类是一种有效的数据分类核心候选方法,用于 IDS。然而,它的基本结构依赖于传统静态机器学习模型的使用,这些模型只能接受一次性的训练,限制了它处理 CD 的能力。为了解决这个问题,我们提出了一种使用三个主要组件的 GPC 扩展变体。首先,我们用替代方案替换现有的分类器:在线顺序极端学习机(OSELM)、特征自适应 OSELM(FA-OSELM)和知识保留 OSELM(KP-OSELM)。其次,我们在 GPC 中添加了两个新组件,即数据平衡和分类器更新。最后,子模型之间的协调产生了 GPC 的三个新变体:GPC-KOS 用于 KA-OSELM;GPC-FOS 用于 FA-OSELM;GPC-OS 用于 OSELM。本文提出了第一个基于数据流的分类框架,为处理 CD 变体提供了新的策略。实验结果表明,GPC-KOS 和 GPC-FOS 均优于传统 GPC 和其他最先进的方法,迁移学习和记忆特征有助于有效处理大多数类型的 CD。此外,我们的增量变体在真实数据集(KDD Cup '99、CICIDS-2017、CSE-CIC-IDS-2018 和 ISCX '12)上的应用证明了性能的提高(GPC-FOS 与 CSE-CIC-IDS-2018 和 CICIDS-2017 相关联;GPC-KOS 与 ISCX2012 和 KDD Cup '99 相关联),GPC-KOS 和 GPC-FOS 的最大准确率分别为 100%和 98%。此外,我们的 GPC 变体在处理脉冲漂移方面没有表现出优越的性能。

https://cdn.ncbi.nlm.nih.gov/pmc/blobs/959e/10098915/a334402e2837/sensors-23-03736-g015.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/959e/10098915/19ce3df33d7d/sensors-23-03736-g001.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/959e/10098915/90aeef4e811f/sensors-23-03736-g002.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/959e/10098915/d4287457fcb7/sensors-23-03736-g003.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/959e/10098915/c488257f2d9d/sensors-23-03736-g004.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/959e/10098915/acf305a41e6f/sensors-23-03736-g005.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/959e/10098915/09fd44ae346b/sensors-23-03736-g006.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/959e/10098915/f80b3c11b4b5/sensors-23-03736-g007.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/959e/10098915/481b5049d133/sensors-23-03736-g008a.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/959e/10098915/020e7438963e/sensors-23-03736-g009a.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/959e/10098915/bc02b2a6b374/sensors-23-03736-g010a.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/959e/10098915/ecdc81bea937/sensors-23-03736-g011a.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/959e/10098915/52d2a4596f61/sensors-23-03736-g012a.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/959e/10098915/3dfd823f0fbf/sensors-23-03736-g013.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/959e/10098915/3f8d0ff194ff/sensors-23-03736-g014.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/959e/10098915/a334402e2837/sensors-23-03736-g015.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/959e/10098915/19ce3df33d7d/sensors-23-03736-g001.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/959e/10098915/90aeef4e811f/sensors-23-03736-g002.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/959e/10098915/d4287457fcb7/sensors-23-03736-g003.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/959e/10098915/c488257f2d9d/sensors-23-03736-g004.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/959e/10098915/acf305a41e6f/sensors-23-03736-g005.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/959e/10098915/09fd44ae346b/sensors-23-03736-g006.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/959e/10098915/f80b3c11b4b5/sensors-23-03736-g007.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/959e/10098915/481b5049d133/sensors-23-03736-g008a.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/959e/10098915/020e7438963e/sensors-23-03736-g009a.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/959e/10098915/bc02b2a6b374/sensors-23-03736-g010a.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/959e/10098915/ecdc81bea937/sensors-23-03736-g011a.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/959e/10098915/52d2a4596f61/sensors-23-03736-g012a.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/959e/10098915/3dfd823f0fbf/sensors-23-03736-g013.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/959e/10098915/3f8d0ff194ff/sensors-23-03736-g014.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/959e/10098915/a334402e2837/sensors-23-03736-g015.jpg

相似文献

1
Enhanced Intrusion Detection with Data Stream Classification and Concept Drift Guided by the Incremental Learning Genetic Programming Combiner.基于数据流分类和概念漂移的增量学习遗传编程组合器的增强入侵检测。
Sensors (Basel). 2023 Apr 4;23(7):3736. doi: 10.3390/s23073736.
2
Knowledge Preserving OSELM Model for Wi-Fi-Based Indoor Localization.用于基于Wi-Fi的室内定位的知识保留极限学习机模型
Sensors (Basel). 2019 May 25;19(10):2397. doi: 10.3390/s19102397.
3
The accuracy of an Online Sequential Extreme Learning Machine in detecting voice pathology using the Malaysian Voice Pathology Database.使用马来西亚语音病理学数据库检测语音病理学的在线序贯极限学习机的准确性。
J Otolaryngol Head Neck Surg. 2023 Sep 20;52(1):62. doi: 10.1186/s40463-023-00661-6.
4
Developing a novel stock index trend predictor model by integrating multiple criteria decision-making with an optimized online sequential extreme learning machine.通过将多准则决策与优化的在线序贯极限学习机相结合来开发一种新型股票指数趋势预测模型。
Granul Comput. 2023;8(3):411-440. doi: 10.1007/s41066-022-00338-x. Epub 2022 Aug 3.
5
Adaptive Chunk-Based Dynamic Weighted Majority for Imbalanced Data Streams With Concept Drift.用于处理带有概念漂移的不平衡数据流的基于自适应块的动态加权多数算法
IEEE Trans Neural Netw Learn Syst. 2020 Aug;31(8):2764-2778. doi: 10.1109/TNNLS.2019.2951814. Epub 2019 Dec 5.
6
Investigating Generalized Performance of Data-Constrained Supervised Machine Learning Models on Novel, Related Samples in Intrusion Detection.在入侵检测中,研究数据受限监督机器学习模型在新颖相关样本上的泛化性能。
Sensors (Basel). 2023 Feb 7;23(4):1846. doi: 10.3390/s23041846.
7
A Continuous Learning Approach for Real-Time Network Intrusion Detection.一种用于实时网络入侵检测的持续学习方法。
Int J Neural Syst. 2021 Dec;31(12):2150060. doi: 10.1142/S012906572150060X. Epub 2021 Nov 13.
8
Adaptive Online Sequential ELM for Concept Drift Tackling.自适应在线序贯 ELM 应对概念漂移。
Comput Intell Neurosci. 2016;2016:8091267. doi: 10.1155/2016/8091267. Epub 2016 Aug 9.
9
Reacting to different types of concept drift: the Accuracy Updated Ensemble algorithm.应对不同类型的概念漂移:准确性更新集成算法。
IEEE Trans Neural Netw Learn Syst. 2014 Jan;25(1):81-94. doi: 10.1109/TNNLS.2013.2251352.
10
Coupled online sequential extreme learning machine model with ant colony optimization algorithm for wheat yield prediction.基于蚁群算法的耦合在线序贯极限学习机模型在小麦产量预测中的应用
Sci Rep. 2022 Mar 31;12(1):5488. doi: 10.1038/s41598-022-09482-5.

引用本文的文献

1
NIDS-FGPA: A federated learning network intrusion detection algorithm based on secure aggregation of gradient similarity models.NIDS-FGPA:一种基于梯度相似模型安全聚合的联邦学习网络入侵检测算法。
PLoS One. 2024 Oct 24;19(10):e0308639. doi: 10.1371/journal.pone.0308639. eCollection 2024.
2
From COVID-19 to monkeypox: a novel predictive model for emerging infectious diseases.从新冠疫情到猴痘:一种针对新发传染病的新型预测模型。
BioData Min. 2024 Oct 22;17(1):42. doi: 10.1186/s13040-024-00396-8.
3
An improved intrusion detection method for IIoT using attention mechanisms, BiGRU, and Inception-CNN.

本文引用的文献

1
Classification of the drifting data streams using heterogeneous diversified dynamic class-weighted ensemble.使用异构多样化动态类加权集成对漂移数据流进行分类。
PeerJ Comput Sci. 2021 Apr 1;7:e459. doi: 10.7717/peerj-cs.459. eCollection 2021.
2
A Diversity Framework for Dealing With Multiple Types of Concept Drift Based on Clustering in the Model Space.一种基于模型空间聚类处理多种类型概念漂移的多样性框架。
IEEE Trans Neural Netw Learn Syst. 2022 Mar;33(3):1299-1309. doi: 10.1109/TNNLS.2020.3041684. Epub 2022 Feb 28.
3
Tackling Faults in the Industry 4.0 Era-A Survey of Machine-Learning Solutions and Key Aspects.
一种基于注意力机制、双向门控循环单元(BiGRU)和卷积神经网络(Inception-CNN)的工业物联网(IIoT)入侵检测改进方法。
Sci Rep. 2024 Aug 20;14(1):19339. doi: 10.1038/s41598-024-70094-2.
应对工业 4.0 时代的故障——机器学习解决方案及关键方面综述。
Sensors (Basel). 2019 Dec 23;20(1):109. doi: 10.3390/s20010109.
4
Knowledge Preserving OSELM Model for Wi-Fi-Based Indoor Localization.用于基于Wi-Fi的室内定位的知识保留极限学习机模型
Sensors (Basel). 2019 May 25;19(10):2397. doi: 10.3390/s19102397.
5
A Systematic Study of Online Class Imbalance Learning With Concept Drift.基于概念漂移的在线类别不平衡学习的系统研究
IEEE Trans Neural Netw Learn Syst. 2018 Oct;29(10):4802-4821. doi: 10.1109/TNNLS.2017.2771290. Epub 2018 Jan 4.