An intrusion detection model to detect zero-day attacks in unseen data using machine learning.

Affiliations

Department of Computer System and Technology, Faculty of Computer Science and Information Technology, Universiti Malaya, Kuala Lumpur, Malaysia.

Department of Computer Science and Information Engineering, National Taipei University of Technology, Taipei Taiwan.

Publication information

PLoS One. 2024 Sep 11;19(9):e0308469. doi: 10.1371/journal.pone.0308469. eCollection 2024.

DOI:10.1371/journal.pone.0308469
PMID:39259729
Full text: https://pmc.ncbi.nlm.nih.gov/articles/PMC11389943/
Abstract

In an era marked by pervasive digital connectivity, cybersecurity concerns have escalated. The rapid evolution of technology has led to a spectrum of cyber threats, including sophisticated zero-day attacks. This research addresses the challenge of existing intrusion detection systems in identifying zero-day attacks using the CIC-MalMem-2022 dataset and autoencoders for anomaly detection. The trained autoencoder is integrated with XGBoost and Random Forest, resulting in the models XGBoost-AE and Random Forest-AE. The study demonstrates that incorporating an anomaly detector into traditional models significantly enhances performance. The Random Forest-AE model achieved 100% accuracy, precision, recall, F1 score, and Matthews Correlation Coefficient (MCC), outperforming the methods proposed by Balasubramanian et al., Khan, Mezina et al., Smith et al., and Dener et al. When tested on unseen data, the Random Forest-AE model achieved an accuracy of 99.9892%, precision of 100%, recall of 99.9803%, F1 score of 99.9901%, and MCC of 99.8313%. This research highlights the effectiveness of the proposed model in maintaining high accuracy even with previously unseen data.


