|
基于GRU-LSTM方法的物聯(lián)網(wǎng)數(shù)據(jù)入侵檢測(cè)分析
王大蕾 2023/12/24 8:38:49
江蘇聯(lián)合職業(yè)技術(shù)學(xué)院淮安生物工程分院����,江蘇淮安 223200
摘要:根據(jù)循環(huán)神經(jīng)網(wǎng)絡(luò)(Recurrent Neural Network, RNN)與長(zhǎng)短期記憶網(wǎng)絡(luò)(Long Short-Term Memory, LSTM)運(yùn)行特征,優(yōu)化LSTM得到變體門(mén)控循環(huán)單元(Gate Recurrent Unit, GRU)網(wǎng)絡(luò)���,構(gòu)建得到GRU-LSTM算法��,并跟傳統(tǒng)Softmax分類(lèi)器進(jìn)行了對(duì)比���。研究結(jié)果表明:Dropout進(jìn)行網(wǎng)絡(luò)訓(xùn)練此實(shí)現(xiàn)減弱神經(jīng)元間作用,有效防止過(guò)擬合���。本實(shí)驗(yàn)測(cè)試GRU-LSTM和GRU-Softmax二個(gè)模型的dropout值分別為0.82與0.79�����。GRU-LSTM表現(xiàn)出了比GRU-Softmax更高控制精度����,檢測(cè)率也明顯提升。GRU-Softmax算法能夠在檢測(cè)攻擊時(shí)只存在較小的概率將其判斷成正常行為����,減小了入侵概率,獲得了更優(yōu)的精確度����、檢測(cè)率、誤報(bào)率與AUC�����。本算法彌補(bǔ)了傳統(tǒng)機(jī)器學(xué)習(xí)算法在處理數(shù)據(jù)量上的局限性�。
關(guān)鍵詞:GRU-LSTM網(wǎng)絡(luò);數(shù)據(jù)入侵����;檢測(cè)方法;誤報(bào)率
中圖分類(lèi)號(hào):TN91
Intrusion detection analysis of Internet of Things data based on GRU-LSTM method
Wang Dalei
Huaian Bioengineering Branch, Jiangsu United Vocational and Technical College, Huaian 223200, China
Abstract: According to the operation characteristics of Recurrent Neural Network (RNN) and Long Short-Term Memory network (LSTM), After optimizing the LSTM, a variant Gate Recurrent Unit (GRU) network is obtained, and the GRU-LSTM algorithm is constructed, and compared with the traditional Softmax classifier. The results of the study show that the network training by Dropout reduces the interneuronal interaction and effectively prevents overfitting. The dropout values of the GRU-LSTM and GRU-Softmax models are 0.82 and 0.79, respectively. The GRU-LSTM showed higher control accuracy than the GRU-Softmax, and the detection rate was also significantly improved. The GRU-Softmax algorithm can detect attacks with a small probability and judge them as normal behaviors, reduce the intrusion probability, and obtain better accuracy, detection rate, false positive rate and AUC. This algorithm makes up for the limitation of traditional machine learning algorithm in processing data volume.
Key words: GRU-LSTM network; Data intrusion; Detection method; False alarm rate
0 引言
當(dāng)前�,物聯(lián)網(wǎng)絡(luò)信息技術(shù)的廣泛應(yīng)用已經(jīng)對(duì)人們的日常生活以及工業(yè)生產(chǎn)過(guò)程都產(chǎn)生重要影響�����,也為各類(lèi)互聯(lián)網(wǎng)應(yīng)用技術(shù)的發(fā)展提供了可靠的基礎(chǔ)[1]。網(wǎng)絡(luò)通信技術(shù)的進(jìn)步已對(duì)各行業(yè)都產(chǎn)生了明顯影響���,一旦離開(kāi)網(wǎng)絡(luò)所有行業(yè)都將無(wú)法正常運(yùn)行�,因此需要進(jìn)一步提升網(wǎng)絡(luò)的安全性能��,這使得許多學(xué)者都開(kāi)展了網(wǎng)絡(luò)安全方面的研究工作[2-3]���。為確保對(duì)網(wǎng)絡(luò)威脅達(dá)到有效防范���,提升網(wǎng)絡(luò)安全(未完,下一頁(yè))
附件下載:基于GRU-LSTM方法的物聯(lián)網(wǎng)數(shù)據(jù)入侵檢測(cè)分析
|