基于深度学习的拟态裁决方法研究
TP393.08; 针对软硬件差异化容易导致拟态裁决结果不一致所造成的假阳现象被误认为网络攻击的问题,提出了一种基于深度学习的拟态裁决方法.通过构建无监督的自编码-解码深度学习模型,挖掘不同执行体输出多样化正常响应数据的深度语义特征,分析归纳其统计规律,并通过设计基于离线学习-在线裁决联动的训练机制和基于反馈优化机制来解决假阳现象,从而准确检测网络攻击,提高目标系统的安全弹性.鉴于软硬件差异导致正常响应数据间的统计规律已被深度学习模型理解掌握,因此不同执行体间拟态裁决结果将保持一致,即目标系统处于安全状态.一旦目标系统受到网络攻击,执行体的响应数据将偏离深度学习模型的统计规律,致使拟态裁决结果...
Saved in:
| Published in | 通信学报 Vol. 45; no. 2; pp. 79 - 89 |
|---|---|
| Main Authors | , , , , |
| Format | Journal Article |
| Language | Chinese |
| Published |
网络空间安全教育部重点实验室,河南 郑州 450000%嵩山实验室,河南 郑州 450046
25.02.2024
信息工程大学信息技术研究所,河南 郑州 450002%信息工程大学信息技术研究所,河南 郑州 450002 |
| Subjects | |
| Online Access | Get full text |
| ISSN | 1000-436X |
| DOI | 10.11959/j.issn.1000-436x.2024047 |
Cover
| Abstract | TP393.08; 针对软硬件差异化容易导致拟态裁决结果不一致所造成的假阳现象被误认为网络攻击的问题,提出了一种基于深度学习的拟态裁决方法.通过构建无监督的自编码-解码深度学习模型,挖掘不同执行体输出多样化正常响应数据的深度语义特征,分析归纳其统计规律,并通过设计基于离线学习-在线裁决联动的训练机制和基于反馈优化机制来解决假阳现象,从而准确检测网络攻击,提高目标系统的安全弹性.鉴于软硬件差异导致正常响应数据间的统计规律已被深度学习模型理解掌握,因此不同执行体间拟态裁决结果将保持一致,即目标系统处于安全状态.一旦目标系统受到网络攻击,执行体的响应数据将偏离深度学习模型的统计规律,致使拟态裁决结果不一致,即目标系统存在潜在安全威胁.实验结果表明,所提方法的检测性能显著优于主流的拟态裁决方法,且平均预测准确度提升了14.89%,有利于将该方法集成到真实应用的拟态化改造来增强系统的防护能力. |
|---|---|
| AbstractList | TP393.08; 针对软硬件差异化容易导致拟态裁决结果不一致所造成的假阳现象被误认为网络攻击的问题,提出了一种基于深度学习的拟态裁决方法.通过构建无监督的自编码-解码深度学习模型,挖掘不同执行体输出多样化正常响应数据的深度语义特征,分析归纳其统计规律,并通过设计基于离线学习-在线裁决联动的训练机制和基于反馈优化机制来解决假阳现象,从而准确检测网络攻击,提高目标系统的安全弹性.鉴于软硬件差异导致正常响应数据间的统计规律已被深度学习模型理解掌握,因此不同执行体间拟态裁决结果将保持一致,即目标系统处于安全状态.一旦目标系统受到网络攻击,执行体的响应数据将偏离深度学习模型的统计规律,致使拟态裁决结果不一致,即目标系统存在潜在安全威胁.实验结果表明,所提方法的检测性能显著优于主流的拟态裁决方法,且平均预测准确度提升了14.89%,有利于将该方法集成到真实应用的拟态化改造来增强系统的防护能力. |
| Abstract_FL | Due to software and hardware differentiation,the problem of false positives mistakenly identified as network attack behavior caused by inconsistent mimic decision results frequently occurs.Therefore,a mimic decision method based on deep learning was proposed.By constructing an unsupervised autoencoder-decoder deep learning model,the deep semantic features of diverse normal response data were explored from different executions and its statistical rules were analyzed and summarized.Additionally,the offline learning-online decision-making mechanism and the feedback optimization mechanism were designed to solve false positive problem,thereby accurately detecting network attacks and improving target system security resilience.Since statistical rules of normal response data was understood and mastered by deep learning model,the mimic decision results among different executions could remain consistent,indicating that the target system was in a secure state.However,once the target system was subjected to a network attacks,the response data outputted by the different executions was deviated from statistical distribution of deep learning model.Therefore,inconsistent mimic decision results were presented,indicating that the affected execution was under attack and the target system was exposed to potential security threats.The experiments show that the performance of the proposed method is significantly superior to the popular mimic decision methods,and the average prediction accuracy is improved by 14.89%,which is conducive to integrating the method into the mimic transformation of real application to enhance the system's defensive capability. |
| Author | 程国振 郝兵 杨晓晗 张帅 刘文彦 |
| AuthorAffiliation | 信息工程大学信息技术研究所,河南 郑州 450002%信息工程大学信息技术研究所,河南 郑州 450002;网络空间安全教育部重点实验室,河南 郑州 450000%嵩山实验室,河南 郑州 450046 |
| AuthorAffiliation_xml | – name: 信息工程大学信息技术研究所,河南 郑州 450002%信息工程大学信息技术研究所,河南 郑州 450002;网络空间安全教育部重点实验室,河南 郑州 450000%嵩山实验室,河南 郑州 450046 |
| Author_FL | HAO Bing LIU Wenyan CHENG Guozhen ZHANG Shuai YANG Xiaohan |
| Author_FL_xml | – sequence: 1 fullname: YANG Xiaohan – sequence: 2 fullname: CHENG Guozhen – sequence: 3 fullname: LIU Wenyan – sequence: 4 fullname: ZHANG Shuai – sequence: 5 fullname: HAO Bing |
| Author_xml | – sequence: 1 fullname: 杨晓晗 – sequence: 2 fullname: 程国振 – sequence: 3 fullname: 刘文彦 – sequence: 4 fullname: 张帅 – sequence: 5 fullname: 郝兵 |
| BookMark | eNrjYmDJy89LZWBQNDTQMzS0NLXUz9LLLC7O0zM0MDDQNTE2q9AzMjAyMTAxZ2HghIlFcDDwFhdnJhmYGhqbmxkYG3Iy6D6dv-vJrr5n2zc-3bXs6dplT3YueD6r5Vn3_GcNjS8WNz5t2_xs2s5nm6c-XzDl-cptPAysaYk5xam8UJqbIdTNNcTZQ9fH393T2dFHtxholbmuqYGJhakF0EJjU4PUNLNU45Qkw5TEFDPTNMPEpKREo9Q0Y4MUoxQz45QU8zQTI-MkU2NDo9SUVIPktLRkU8MkY24GVYi55Yl5aYl56fFZ-aVFeUAb40sqKpLAHjMCWmQMANu0WKw |
| ClassificationCodes | TP393.08 |
| ContentType | Journal Article |
| Copyright | Copyright © Wanfang Data Co. Ltd. All Rights Reserved. |
| Copyright_xml | – notice: Copyright © Wanfang Data Co. Ltd. All Rights Reserved. |
| DBID | 2B. 4A8 92I 93N PSX TCJ |
| DOI | 10.11959/j.issn.1000-436x.2024047 |
| DatabaseName | Wanfang Data Journals - Hong Kong WANFANG Data Centre Wanfang Data Journals 万方数据期刊 - 香港版 China Online Journals (COJ) China Online Journals (COJ) |
| DatabaseTitleList | |
| DeliveryMethod | fulltext_linktorsrc |
| DocumentTitle_FL | Research on mimic decision method based on deep learning |
| EndPage | 89 |
| ExternalDocumentID | txxb202402007 |
| GroupedDBID | -0Y 2B. 4A8 92I 93N ALMA_UNASSIGNED_HOLDINGS CCEZO CUBFJ GROUPED_DOAJ PSX TCJ |
| ID | FETCH-LOGICAL-s1007-504858436350ef6e3db1dad65f1abba2ef30d2d63dd7f423b5312ede0cffc51b3 |
| ISSN | 1000-436X |
| IngestDate | Thu May 29 04:00:49 EDT 2025 |
| IsPeerReviewed | false |
| IsScholarly | true |
| Issue | 2 |
| Keywords | active defense deep learning mimic defense 主动防御 深度学习 offline learning-online decision-making mimic decision 拟态防御 离线训练-在线裁决 拟态裁决 |
| Language | Chinese |
| LinkModel | OpenURL |
| MergedId | FETCHMERGED-LOGICAL-s1007-504858436350ef6e3db1dad65f1abba2ef30d2d63dd7f423b5312ede0cffc51b3 |
| PageCount | 11 |
| ParticipantIDs | wanfang_journals_txxb202402007 |
| PublicationCentury | 2000 |
| PublicationDate | 2024-02-25 |
| PublicationDateYYYYMMDD | 2024-02-25 |
| PublicationDate_xml | – month: 02 year: 2024 text: 2024-02-25 day: 25 |
| PublicationDecade | 2020 |
| PublicationTitle | 通信学报 |
| PublicationTitle_FL | Journal on Communications |
| PublicationYear | 2024 |
| Publisher | 网络空间安全教育部重点实验室,河南 郑州 450000%嵩山实验室,河南 郑州 450046 信息工程大学信息技术研究所,河南 郑州 450002%信息工程大学信息技术研究所,河南 郑州 450002 |
| Publisher_xml | – name: 信息工程大学信息技术研究所,河南 郑州 450002%信息工程大学信息技术研究所,河南 郑州 450002 – name: 网络空间安全教育部重点实验室,河南 郑州 450000%嵩山实验室,河南 郑州 450046 |
| SSID | ssib051376031 ssj0002912165 ssib058759023 ssib001102965 ssib023646527 ssib023168036 ssib036439991 ssib050281523 ssib000968473 |
| Score | 2.424314 |
| Snippet | TP393.08; 针对软硬件差异化容易导致拟态裁决结果不一致所造成的假阳现象被误认为网络攻击的问题,提出了一种基于深度学习的拟态裁决方法.通过构建无监督的自编码-解码深度... |
| SourceID | wanfang |
| SourceType | Aggregation Database |
| StartPage | 79 |
| Title | 基于深度学习的拟态裁决方法研究 |
| URI | https://d.wanfangdata.com.cn/periodical/txxb202402007 |
| Volume | 45 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| journalDatabaseRights | – providerCode: PRVAON databaseName: Directory of Open Access Journals issn: 1000-436X databaseCode: DOA dateStart: 20230101 customDbUrl: isFulltext: true dateEnd: 99991231 titleUrlDefault: https://www.doaj.org/ omitProxy: true ssIdentifier: ssj0002912165 providerName: Directory of Open Access Journals – providerCode: PRVHPJ databaseName: ROAD: Directory of Open Access Scholarly Resources issn: 1000-436X databaseCode: M~E dateStart: 19800101 customDbUrl: isFulltext: true dateEnd: 99991231 titleUrlDefault: https://road.issn.org omitProxy: true ssIdentifier: ssib058759023 providerName: ISSN International Centre |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwrR1Na9VAMNQK4kUUFT9LBfdUUpP9SuaYvOZRBD210FvJx0ZPT7CvUHqyIF4ET-rBSwtCwYMHKSh9_8F_0feeP8OZTfISpeIHXpbJzu7szE42M7vZ3XGcu74sPWOU54IMMleWunCBB9oNDC9NKEWap7QO-eChXl2X9zfUxtyZr51dS9vDbDnfPfVcyb9oFfNQr3RK9i80OyOKGQijfjFFDWP6RzpmiWLQZ3HEEklpmLBEszhgsU8ozIk0AdGKBbAMsMhjScAAC0sqHMZEgQAPnUqWhCwSFlAsRFKCUKCpYmIfQVF1JALSAsBi3XVwWQJ280TFUp9FfocBbAVZUo2SLW3EhBYABqIBgrZIQHjkkkSNWbxiqfRY1G-LIKshg7BmNQys7NRit0jcs6IjgORUd7GDS3t4XM1eT2oU64NvAeygXiNqROIBZkorVcJCsM2rRghF7GMnhpzF3PaFsCggtsIVokMoqKtDQqgoIomqnEjiS2_7mtveV1QLgqWaFlSKRQUmS5KiTHiMK5uliEEC_Fr7_4N8vW5bGS26HUAKGxFyZtWqSzrr0cs7JqqK3dM4O3C6GQUF1o4S_eWG_s4yqcSrbkj96Zby4c5OZrHV3Q5ncbxzr7PCUc-W0RfqHuP2OLQ_2TnFUEOHqn3WUis-844FOc_QXu2k0DVG73NGT_m0wav9qa1wKg51SCzrmHHwuW-Dy8567Jxzp5H33q-ktcf5BmU6eNTxPNcuOhfqKeNiVI3_S87c7uPLjjveH52MXk2-fBqPDscfD0-OD6bvnk9e7k-e7X17vzd-cTR5ezw5ejM9eD398PmKs95P1nqrbh36xN2ibUuuQsOKUwOB0wHPlNqIIvOLtNCq9NMsS7kphVfwQouiCEqcEWVoSrkpjJeXZa78TFx15gdPBuaas4hf4iDNTaBlJqVXyFQVmJQ5iDwtcmmuOwu1eJv1p21r8wdt3vhdgZvO-Xas3nLmh0-3zW101YfZgn0BvgPnJqLN |
| linkProvider | Directory of Open Access Journals |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=%E5%9F%BA%E4%BA%8E%E6%B7%B1%E5%BA%A6%E5%AD%A6%E4%B9%A0%E7%9A%84%E6%8B%9F%E6%80%81%E8%A3%81%E5%86%B3%E6%96%B9%E6%B3%95%E7%A0%94%E7%A9%B6&rft.jtitle=%E9%80%9A%E4%BF%A1%E5%AD%A6%E6%8A%A5&rft.au=%E6%9D%A8%E6%99%93%E6%99%97&rft.au=%E7%A8%8B%E5%9B%BD%E6%8C%AF&rft.au=%E5%88%98%E6%96%87%E5%BD%A6&rft.au=%E5%BC%A0%E5%B8%85&rft.date=2024-02-25&rft.pub=%E7%BD%91%E7%BB%9C%E7%A9%BA%E9%97%B4%E5%AE%89%E5%85%A8%E6%95%99%E8%82%B2%E9%83%A8%E9%87%8D%E7%82%B9%E5%AE%9E%E9%AA%8C%E5%AE%A4%2C%E6%B2%B3%E5%8D%97+%E9%83%91%E5%B7%9E+450000%25%E5%B5%A9%E5%B1%B1%E5%AE%9E%E9%AA%8C%E5%AE%A4%2C%E6%B2%B3%E5%8D%97+%E9%83%91%E5%B7%9E+450046&rft.issn=1000-436X&rft.volume=45&rft.issue=2&rft.spage=79&rft.epage=89&rft_id=info:doi/10.11959%2Fj.issn.1000-436x.2024047&rft.externalDocID=txxb202402007 |
| thumbnail_s | http://utb.summon.serialssolutions.com/2.0.0/image/custom?url=http%3A%2F%2Fwww.wanfangdata.com.cn%2Fimages%2FPeriodicalImages%2Ftxxb%2Ftxxb.jpg |