• 文献检索
  • 文档翻译
  • 深度研究
  • 学术资讯
  • Suppr Zotero 插件Zotero 插件
  • 邀请有礼
  • 套餐&价格
  • 历史记录
应用&插件
Suppr Zotero 插件Zotero 插件浏览器插件Mac 客户端Windows 客户端微信小程序
定价
高级版会员购买积分包购买API积分包
服务
文献检索文档翻译深度研究API 文档MCP 服务
关于我们
关于 Suppr公司介绍联系我们用户协议隐私条款
关注我们

Suppr 超能文献

核心技术专利:CN118964589B侵权必究
粤ICP备2023148730 号-1Suppr @ 2026

文献检索

告别复杂PubMed语法,用中文像聊天一样搜索,搜遍4000万医学文献。AI智能推荐,让科研检索更轻松。

立即免费搜索

文件翻译

保留排版,准确专业,支持PDF/Word/PPT等文件格式,支持 12+语言互译。

免费翻译文档

深度研究

AI帮你快速写综述,25分钟生成高质量综述,智能提取关键信息,辅助科研写作。

立即免费体验

使用基于决策树的近端策略优化算法高效检测恶意流量:一种结合熵的深度强化学习恶意流量检测模型

Efficient Detection of Malicious Traffic Using a Decision Tree-Based Proximal Policy Optimisation Algorithm: A Deep Reinforcement Learning Malicious Traffic Detection Model Incorporating Entropy.

作者信息

Zhao Yuntao, Ma Deao, Liu Wei

机构信息

School of Information Science and Engineering, Shenyang Ligong University, Shenyang 110159, China.

出版信息

Entropy (Basel). 2024 Jul 30;26(8):648. doi: 10.3390/e26080648.

DOI:10.3390/e26080648
PMID:39202118
原文链接:https://pmc.ncbi.nlm.nih.gov/articles/PMC11353857/
Abstract

With the popularity of the Internet and the increase in the level of information technology, cyber attacks have become an increasingly serious problem. They pose a great threat to the security of individuals, enterprises, and the state. This has made network intrusion detection technology critically important. In this paper, a malicious traffic detection model is constructed based on a decision tree classifier of entropy and a proximal policy optimisation algorithm (PPO) of deep reinforcement learning. Firstly, the decision tree idea in machine learning is used to make a preliminary classification judgement on the dataset based on the information entropy. The importance score of each feature in the classification work is calculated and the features with lower contributions are removed. Then, it is handed over to the PPO algorithm model for detection. An entropy regularity term is introduced in the process of the PPO algorithm update. Finally, the deep reinforcement learning algorithm is used to continuously train and update the parameters during the detection process, and finally, the detection model with higher accuracy is obtained. Experiments show that the binary classification accuracy of the malicious traffic detection model based on the deep reinforcement learning PPO algorithm can reach 99.17% under the CIC-IDS2017 dataset used in this paper.

摘要

随着互联网的普及和信息技术水平的提高,网络攻击已成为一个日益严重的问题。它们对个人、企业和国家的安全构成了巨大威胁。这使得网络入侵检测技术变得至关重要。本文基于熵的决策树分类器和深度强化学习的近端策略优化算法(PPO)构建了一种恶意流量检测模型。首先,利用机器学习中的决策树思想,基于信息熵对数据集进行初步分类判断。计算分类工作中每个特征的重要性得分,并去除贡献较低的特征。然后,将其交给PPO算法模型进行检测。在PPO算法更新过程中引入熵正则项。最后,在检测过程中利用深度强化学习算法不断训练和更新参数,最终得到准确率较高的检测模型。实验表明,基于深度强化学习PPO算法的恶意流量检测模型在本文使用的CIC-IDS2017数据集下,二分类准确率可达99.17%。

https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d142/11353857/9ab009309201/entropy-26-00648-g005.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d142/11353857/1453db367bde/entropy-26-00648-g006.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d142/11353857/ef8f164b3e75/entropy-26-00648-g007.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d142/11353857/8523bff5a6fc/entropy-26-00648-g008.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d142/11353857/687b8f124144/entropy-26-00648-g009.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d142/11353857/1154392bf4e4/entropy-26-00648-g010.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d142/11353857/57b975397916/entropy-26-00648-g011.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d142/11353857/676e70ba8769/entropy-26-00648-g012.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d142/11353857/03016a4c4302/entropy-26-00648-g001.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d142/11353857/b674415b9d87/entropy-26-00648-g002.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d142/11353857/1e10e33efaca/entropy-26-00648-g003.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d142/11353857/4e9d0301aaeb/entropy-26-00648-g004.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d142/11353857/9ab009309201/entropy-26-00648-g005.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d142/11353857/1453db367bde/entropy-26-00648-g006.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d142/11353857/ef8f164b3e75/entropy-26-00648-g007.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d142/11353857/8523bff5a6fc/entropy-26-00648-g008.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d142/11353857/687b8f124144/entropy-26-00648-g009.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d142/11353857/1154392bf4e4/entropy-26-00648-g010.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d142/11353857/57b975397916/entropy-26-00648-g011.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d142/11353857/676e70ba8769/entropy-26-00648-g012.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d142/11353857/03016a4c4302/entropy-26-00648-g001.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d142/11353857/b674415b9d87/entropy-26-00648-g002.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d142/11353857/1e10e33efaca/entropy-26-00648-g003.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d142/11353857/4e9d0301aaeb/entropy-26-00648-g004.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/d142/11353857/9ab009309201/entropy-26-00648-g005.jpg

相似文献

1
Efficient Detection of Malicious Traffic Using a Decision Tree-Based Proximal Policy Optimisation Algorithm: A Deep Reinforcement Learning Malicious Traffic Detection Model Incorporating Entropy.使用基于决策树的近端策略优化算法高效检测恶意流量:一种结合熵的深度强化学习恶意流量检测模型
Entropy (Basel). 2024 Jul 30;26(8):648. doi: 10.3390/e26080648.
2
Cyber Threat Intelligence-Based Malicious URL Detection Model Using Ensemble Learning.基于网络威胁情报的集成学习恶意 URL 检测模型。
Sensors (Basel). 2022 Apr 28;22(9):3373. doi: 10.3390/s22093373.
3
Malicious Network Traffic Detection Based on Deep Neural Networks and Association Analysis.基于深度神经网络和关联分析的恶意网络流量检测。
Sensors (Basel). 2020 Mar 6;20(5):1452. doi: 10.3390/s20051452.
4
Evaluation of Machine Learning Techniques for Traffic Flow-Based Intrusion Detection.基于流量的入侵检测的机器学习技术评估。
Sensors (Basel). 2022 Nov 30;22(23):9326. doi: 10.3390/s22239326.
5
A hybrid feature weighted attention based deep learning approach for an intrusion detection system using the random forest algorithm.基于混合特征加权注意力的深度学习方法与随机森林算法在入侵检测系统中的应用。
PLoS One. 2024 May 23;19(5):e0302294. doi: 10.1371/journal.pone.0302294. eCollection 2024.
6
Network Anomaly Intrusion Detection Based on Deep Learning Approach.基于深度学习方法的网络异常入侵检测。
Sensors (Basel). 2023 Feb 15;23(4):2171. doi: 10.3390/s23042171.
7
End-to-End Network Intrusion Detection Based on Contrastive Learning.基于对比学习的端到端网络入侵检测
Sensors (Basel). 2024 Mar 26;24(7):2122. doi: 10.3390/s24072122.
8
Malicious Traffic Identification with Self-Supervised Contrastive Learning.基于自监督对比学习的恶意流量识别
Sensors (Basel). 2023 Aug 17;23(16):7215. doi: 10.3390/s23167215.
9
Multi-Classification and Tree-Based Ensemble Network for the Intrusion Detection System in the Internet of Vehicles.用于车联网入侵检测系统的多分类与基于树的集成网络
Sensors (Basel). 2023 Oct 28;23(21):8788. doi: 10.3390/s23218788.
10
TSFN: A Novel Malicious Traffic Classification Method Using BERT and LSTM.TSFN:一种使用BERT和LSTM的新型恶意流量分类方法
Entropy (Basel). 2023 May 19;25(5):821. doi: 10.3390/e25050821.

引用本文的文献

1
Few-shot network intrusion detection method based on multi-domain fusion and cross-attention.基于多域融合与交叉注意力的少样本网络入侵检测方法
PLoS One. 2025 Jul 2;20(7):e0327161. doi: 10.1371/journal.pone.0327161. eCollection 2025.

本文引用的文献

1
A Survey of Convolutional Neural Networks: Analysis, Applications, and Prospects.卷积神经网络综述:分析、应用与展望
IEEE Trans Neural Netw Learn Syst. 2022 Dec;33(12):6999-7019. doi: 10.1109/TNNLS.2021.3084827. Epub 2022 Nov 30.
2
Machine learning: Trends, perspectives, and prospects.机器学习:趋势、观点和展望。
Science. 2015 Jul 17;349(6245):255-60. doi: 10.1126/science.aaa8415.
3
Human-level control through deep reinforcement learning.通过深度强化学习实现人类水平的控制。
Nature. 2015 Feb 26;518(7540):529-33. doi: 10.1038/nature14236.