• 文献检索
  • 文档翻译
  • 深度研究
  • 学术资讯
  • Suppr Zotero 插件Zotero 插件
  • 邀请有礼
  • 套餐&价格
  • 历史记录
应用&插件
Suppr Zotero 插件Zotero 插件浏览器插件Mac 客户端Windows 客户端微信小程序
定价
高级版会员购买积分包购买API积分包
服务
文献检索文档翻译深度研究API 文档MCP 服务
关于我们
关于 Suppr公司介绍联系我们用户协议隐私条款
关注我们

Suppr 超能文献

核心技术专利:CN118964589B侵权必究
粤ICP备2023148730 号-1Suppr @ 2026

文献检索

告别复杂PubMed语法,用中文像聊天一样搜索,搜遍4000万医学文献。AI智能推荐,让科研检索更轻松。

立即免费搜索

文件翻译

保留排版,准确专业,支持PDF/Word/PPT等文件格式,支持 12+语言互译。

免费翻译文档

深度研究

AI帮你快速写综述,25分钟生成高质量综述,智能提取关键信息,辅助科研写作。

立即免费体验

基于无监督学习和开放集识别的未知入侵流量检测方法

Unknown intrusion traffic detection method based on unsupervised learning and open-set recognition.

作者信息

Fang Jun, Xie Cunxiang

机构信息

Naval Aviation University, Yantai, 264001, China.

出版信息

Sci Rep. 2025 May 16;15(1):17001. doi: 10.1038/s41598-025-01084-1.

DOI:10.1038/s41598-025-01084-1
PMID:40379727
原文链接:https://pmc.ncbi.nlm.nih.gov/articles/PMC12084351/
Abstract

Intrusion traffic detection technology is an important network protection technology to ensure network communication security and protect users' information privacy. To address problems relating to the low classification accuracy of current intrusion traffic detection algorithms and that most of the current research focus on closed set detection, this paper proposes a detection and classification model for open set traffic based on information maximization generative adversarial network and OpenMax algorithm. Firstly, the intrusion traffic classification model under the closed set condition is trained, and the sample activation vector is recalculated in the penultimate layer of the model by using the OpenMax algorithm. According to the activation vector of the known category, the estimated probability of the unknown category is then calculated to identify unknown traffic. Results show that the model's classification accuracy for CICIDS2017 open set traffic in the misuse and anomaly detection experiments is above 88.5 and 88.2%, respectively. The model can effectively detect various types of unknown traffic with high detection accuracy and robustness.

摘要

入侵流量检测技术是确保网络通信安全、保护用户信息隐私的一项重要网络保护技术。针对当前入侵流量检测算法分类准确率低以及当前大多数研究集中于闭集检测的问题,本文提出一种基于信息最大化生成对抗网络和OpenMax算法的开放集流量检测与分类模型。首先,训练闭集条件下的入侵流量分类模型,并使用OpenMax算法在模型的倒数第二层重新计算样本激活向量。根据已知类别的激活向量,计算未知类别的估计概率以识别未知流量。结果表明,该模型在误用检测和异常检测实验中对CICIDS2017开放集流量的分类准确率分别高于88.5%和88.2%。该模型能够以高检测准确率和鲁棒性有效检测各类未知流量。

https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/0f9162b86931/41598_2025_1084_Fig19_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/ece54b5a38e4/41598_2025_1084_Fig1_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/12de1d04ab06/41598_2025_1084_Fig2_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/0b2f7b81409e/41598_2025_1084_Fig3_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/24fefdfd1b77/41598_2025_1084_Fig4_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/35f14173e16f/41598_2025_1084_Fig5_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/68ea269d2f4a/41598_2025_1084_Fig6_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/89f00281875b/41598_2025_1084_Figa_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/751d878ac0c6/41598_2025_1084_Figb_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/27193ae3153e/41598_2025_1084_Fig7_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/b9cda95e8343/41598_2025_1084_Fig8_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/49b60db58442/41598_2025_1084_Fig9_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/27300a0b78ce/41598_2025_1084_Fig10_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/6a145eb4871e/41598_2025_1084_Fig11_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/ee1637fe39c5/41598_2025_1084_Fig12_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/7e4876ebbec2/41598_2025_1084_Fig13_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/d055254947eb/41598_2025_1084_Fig14_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/fb34b45a848b/41598_2025_1084_Fig15_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/74ceb20f3ca2/41598_2025_1084_Fig16_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/b1ea074a62c2/41598_2025_1084_Fig17_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/3cacc93a79d4/41598_2025_1084_Fig18_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/0f9162b86931/41598_2025_1084_Fig19_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/ece54b5a38e4/41598_2025_1084_Fig1_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/12de1d04ab06/41598_2025_1084_Fig2_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/0b2f7b81409e/41598_2025_1084_Fig3_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/24fefdfd1b77/41598_2025_1084_Fig4_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/35f14173e16f/41598_2025_1084_Fig5_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/68ea269d2f4a/41598_2025_1084_Fig6_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/89f00281875b/41598_2025_1084_Figa_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/751d878ac0c6/41598_2025_1084_Figb_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/27193ae3153e/41598_2025_1084_Fig7_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/b9cda95e8343/41598_2025_1084_Fig8_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/49b60db58442/41598_2025_1084_Fig9_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/27300a0b78ce/41598_2025_1084_Fig10_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/6a145eb4871e/41598_2025_1084_Fig11_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/ee1637fe39c5/41598_2025_1084_Fig12_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/7e4876ebbec2/41598_2025_1084_Fig13_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/d055254947eb/41598_2025_1084_Fig14_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/fb34b45a848b/41598_2025_1084_Fig15_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/74ceb20f3ca2/41598_2025_1084_Fig16_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/b1ea074a62c2/41598_2025_1084_Fig17_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/3cacc93a79d4/41598_2025_1084_Fig18_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/1c57/12084351/0f9162b86931/41598_2025_1084_Fig19_HTML.jpg

相似文献

1
Unknown intrusion traffic detection method based on unsupervised learning and open-set recognition.基于无监督学习和开放集识别的未知入侵流量检测方法
Sci Rep. 2025 May 16;15(1):17001. doi: 10.1038/s41598-025-01084-1.
2
Evaluation of Machine Learning Techniques for Traffic Flow-Based Intrusion Detection.基于流量的入侵检测的机器学习技术评估。
Sensors (Basel). 2022 Nov 30;22(23):9326. doi: 10.3390/s22239326.
3
Development of a Machine-Learning Intrusion Detection System and Testing of Its Performance Using a Generative Adversarial Network.开发机器学习入侵检测系统并使用生成对抗网络测试其性能。
Sensors (Basel). 2023 Jan 24;23(3):1315. doi: 10.3390/s23031315.
4
A hybrid feature weighted attention based deep learning approach for an intrusion detection system using the random forest algorithm.基于混合特征加权注意力的深度学习方法与随机森林算法在入侵检测系统中的应用。
PLoS One. 2024 May 23;19(5):e0302294. doi: 10.1371/journal.pone.0302294. eCollection 2024.
5
DOC-IDS: A Deep Learning-Based Method for Feature Extraction and Anomaly Detection in Network Traffic.文档 ID:一种基于深度学习的网络流量特征提取和异常检测方法。
Sensors (Basel). 2022 Jun 10;22(12):4405. doi: 10.3390/s22124405.
6
Multi-Classification and Tree-Based Ensemble Network for the Intrusion Detection System in the Internet of Vehicles.用于车联网入侵检测系统的多分类与基于树的集成网络
Sensors (Basel). 2023 Oct 28;23(21):8788. doi: 10.3390/s23218788.
7
VAE-WACGAN: An Improved Data Augmentation Method Based on VAEGAN for Intrusion Detection.变分自编码器- Wasserstein对抗生成网络:一种基于变分自编码器-生成对抗网络的改进型入侵检测数据增强方法
Sensors (Basel). 2024 Sep 18;24(18):6035. doi: 10.3390/s24186035.
8
Adversarial attacks against supervised machine learning based network intrusion detection systems.对抗攻击对基于监督机器学习的网络入侵检测系统的影响。
PLoS One. 2022 Oct 14;17(10):e0275971. doi: 10.1371/journal.pone.0275971. eCollection 2022.
9
Privacy Protection and Intrusion Detection System of Wireless Sensor Network Based on Artificial Neural Network.基于人工神经网络的无线传感器网络隐私保护与入侵检测系统。
Comput Intell Neurosci. 2022 Jun 22;2022:1795454. doi: 10.1155/2022/1795454. eCollection 2022.
10
Elevated few-shot network intrusion detection via self-attention mechanisms and iterative refinement.通过自注意力机制和迭代优化实现的少样本网络入侵检测性能提升
PLoS One. 2025 Jan 16;20(1):e0317713. doi: 10.1371/journal.pone.0317713. eCollection 2025.

本文引用的文献

1
Convolutional Prototype Network for Open Set Recognition.用于开放式识别的卷积原型网络。
IEEE Trans Pattern Anal Mach Intell. 2022 May;44(5):2358-2370. doi: 10.1109/TPAMI.2020.3045079. Epub 2022 Apr 1.
2
Probability Models for Open Set Recognition.开放式识别的概率模型。
IEEE Trans Pattern Anal Mach Intell. 2014 Nov;36(11):2317-24. doi: 10.1109/TPAMI.2014.2321392.
3
Deep learning.深度学习。
Nature. 2015 May 28;521(7553):436-44. doi: 10.1038/nature14539.
4
Toward open set recognition.面向开集识别。
IEEE Trans Pattern Anal Mach Intell. 2013 Jul;35(7):1757-72. doi: 10.1109/TPAMI.2012.256.
5
Meta-Recognition: The Theory and Practice of Recognition Score Analysis.元识别:识别评分分析的理论与实践。
IEEE Trans Pattern Anal Mach Intell. 2011 Aug;33(8):1689-95. doi: 10.1109/TPAMI.2011.54. Epub 2011 Apr 5.