【摘要】：網(wǎng)絡(luò)安全問(wèn)題一直是網(wǎng)絡(luò)健康發(fā)展所關(guān)心的重點(diǎn)。傳統(tǒng)的網(wǎng)絡(luò)安全防護(hù)技術(shù)的有防火墻、入侵檢測(cè)等技術(shù),然而在目前復(fù)雜的網(wǎng)絡(luò)環(huán)境下,傳統(tǒng)的網(wǎng)絡(luò)安全防護(hù)技術(shù)無(wú)法滿(mǎn)足網(wǎng)絡(luò)安全的需要。入侵防御系統(tǒng)以入侵檢測(cè)作為核心技術(shù),兼具防火墻技術(shù)和入侵檢測(cè)技術(shù)的優(yōu)點(diǎn),不僅能夠檢測(cè)出入侵行為,也能及時(shí)采取保護(hù)措施,具有主動(dòng)防御功能,能夠有效的提高網(wǎng)絡(luò)的安全保障。入侵檢測(cè)算法通常以距離和概率為基礎(chǔ)進(jìn)行檢測(cè),能夠發(fā)現(xiàn)簡(jiǎn)單的入侵行為,但難以找出特征元素之間的關(guān)聯(lián),對(duì)于攻擊手段更加隱蔽的入侵行為無(wú)法進(jìn)行有效的防御。深度學(xué)習(xí)(Deep Learning)模擬了人腦的思維模式,逐步提取出抽象特征,并且將得到的抽象特征用于分類(lèi)處理。深度學(xué)習(xí)算法的核心在于多層次的學(xué)習(xí),通過(guò)多層次的特征提取,發(fā)現(xiàn)數(shù)據(jù)間內(nèi)在的聯(lián)系。將深度學(xué)習(xí)用于入侵檢測(cè),可以發(fā)現(xiàn)入侵?jǐn)?shù)據(jù)中的隱含攻擊行為,進(jìn)而提高其檢測(cè)準(zhǔn)確率。半監(jiān)督學(xué)習(xí)使用少量標(biāo)記數(shù)據(jù)和大量未標(biāo)記數(shù)據(jù)進(jìn)行訓(xùn)練,降低了對(duì)樣本的要求。本文將半監(jiān)督學(xué)習(xí)引入入侵檢測(cè)算法,提出了一種基于深度學(xué)習(xí)和半監(jiān)督聚類(lèi)的入侵檢測(cè)算法。本算法是對(duì)基于淺層學(xué)習(xí)(Shallow Learning)的入侵檢測(cè)算法的改進(jìn)�；跍\層學(xué)習(xí)的入侵檢測(cè)算法,以反向傳播算法進(jìn)行訓(xùn)練,需要大量的標(biāo)記數(shù)據(jù)和多次的實(shí)驗(yàn)來(lái)調(diào)整參數(shù),而且在隱含層較多的情況下容易產(chǎn)生梯度彌散,并且難以確定隱含單元的數(shù)量。本算法使用稀疏自編碼器對(duì)隱含層進(jìn)行訓(xùn)練,使用逐層貪心算法調(diào)整參數(shù),可以解決梯度彌散的問(wèn)題。稀疏性能夠?qū)﹄[含層單元是否激活形成限制,可以有效處理基于自編碼的深度學(xué)習(xí)算法對(duì)隱含層單元難以確定問(wèn)題。該算法將基于稀疏自編碼器的深度學(xué)習(xí)和半監(jiān)督聚類(lèi)進(jìn)行結(jié)合,可以在使用一定量的標(biāo)記數(shù)據(jù)的基礎(chǔ)上進(jìn)行訓(xùn)練出高效的算法參數(shù),具有在使用少量帶標(biāo)記數(shù)據(jù)的情況下提高檢測(cè)率的優(yōu)點(diǎn)。基于網(wǎng)絡(luò)的實(shí)際狀況,本文選取了一些具有代表性的數(shù)據(jù)進(jìn)行測(cè)試,測(cè)試結(jié)果同基于K均值,C均值,淺層學(xué)習(xí)等入侵檢測(cè)算法進(jìn)行比較。實(shí)驗(yàn)結(jié)果表明,基于深度學(xué)習(xí)和半監(jiān)督聚類(lèi)的入侵檢測(cè)算法能夠有效提高檢測(cè)效率,并且克服了傳統(tǒng)基于聚類(lèi)的入侵檢測(cè)算法對(duì)于初始化聚類(lèi)數(shù)據(jù)敏感、噪聲影響嚴(yán)重等問(wèn)題。最后研究了基于深度學(xué)習(xí)和半監(jiān)督聚類(lèi)的入侵防御系統(tǒng),介紹了該系統(tǒng)的工作原理,并給出了該系統(tǒng)的部署方式。
[Abstract]:Network security has always been the focus of the healthy development of the network. Traditional network security protection technologies include firewall, intrusion detection and so on. However, in the current complex network environment, the traditional network security protection technology can not meet the needs of network security. With the advantages of firewall technology and intrusion detection technology, it can not only detect intrusion, but also take timely protective measures. It has active defense function and can effectively improve the security of the network. Deep Learning simulates the thinking pattern of human brain, extracts abstract features gradually, and uses the abstract features to classify. The core of the depth learning algorithm is multi-level learning, through multi-level learning. Semi-supervised learning uses a small number of labeled data and a large number of unlabeled data to train, which reduces the requirement for samples. Semi-supervised learning is introduced in this paper. An intrusion detection algorithm based on depth learning and semi-supervised clustering is proposed. This algorithm is an improvement on the Shallow Learning based intrusion detection algorithm. The algorithm uses sparse self-encoder to train the hidden layer and adjusts the parameters by layer-by-layer greedy algorithm to solve the problem of gradient dispersion. This algorithm combines depth learning based on sparse self-encoder with semi-supervised clustering, and can train high-efficient algorithm parameters on the basis of a certain amount of labeled data, with a small amount of labeled data. Based on the actual situation of the network, this paper selects some representative data to test, and the test results are compared with the intrusion detection algorithm based on K-means, C-means, shallow learning and so on. The experimental results show that the intrusion detection algorithm based on depth learning and semi-supervised clustering can be effectively improved. At last, the intrusion prevention system based on depth learning and semi-supervised clustering is studied. The principle of the system is introduced, and the deployment of the system is given.
【學(xué)位授予單位】：江蘇科技大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2016
【分類(lèi)號(hào)】：TP393.08
，

本文編號(hào)：2214466