• 中国精品科技期刊
  • CCF推荐A类中文期刊
  • 计算领域高质量科技期刊T1类
Advanced Search
Liu Guangrui, Zhang Weizhe, Li Xinjie. Data Contamination Defense Method for Intelligent Network Intrusion Detection Systems Based on Edge Examples[J]. Journal of Computer Research and Development, 2022, 59(10): 2348-2361. DOI: 10.7544/issn1000-1239.20220509
Citation: Liu Guangrui, Zhang Weizhe, Li Xinjie. Data Contamination Defense Method for Intelligent Network Intrusion Detection Systems Based on Edge Examples[J]. Journal of Computer Research and Development, 2022, 59(10): 2348-2361. DOI: 10.7544/issn1000-1239.20220509

Data Contamination Defense Method for Intelligent Network Intrusion Detection Systems Based on Edge Examples

Funds: This work was supported by the National Key Research and Development Program of China (2020YFB1406902), the Key-Area Research and Development Program of Guangdong Province (2020B0101360001), Shenzhen Science and Technology Research and Development Foundation (JCYJ20190806143418198), the Fundamental Research Funds for the Central Universities (HIT.OCEF.2021007), and the Peng Cheng Laboratory Project (PCL2021A02).
More Information
  • Published Date: September 30, 2022
  • Artificial intelligence has been widely used in network intrusion detection systems. Due to the concept drift of traffic samples, the models used for malicious traffic identification must be updated frequently to adapt to new feature distributions. The effectiveness of the updated model depends on the quality of the new training samples, so it is essential to prevent data contamination. However, contamination filtering of traffic samples still relies on expert experience, which leads to the problems such as the immense workload of sample screening, unstable model accuracy, and vulnerability to poisoning attacks during the model update. Existing works cannot achieve contamination filtering or model repair while maintaining model performance. We design a general model update method for intelligent network intrusion detection systems to solve the above problems. In this paper, we first design the EdgeGAN algorithm to make the generative adversarial network fit the model edge example distribution through fuzzing. Then a subset of contaminated examples is identified by examining the MSE values of the new training samples and the original model and checking the F\-β scores of the updated model on the old edge examples. The influence of poisoned examples is suppressed by letting the model learn malicious edge examples, and the model is guaranteed to recover quickly after poisoning. Finally, the effectiveness of the update method on contamination filtering and model restoration is verified by experimental testing on 5 typical intelligent network intrusion detection systems. Compared with the state-of-the-art methods, the new method improves the detection rate of poisoned examples by 12.50% and the restoration effect of poisoned models by 6.38%. The method is applicable to protect the update process of any common intelligent network intrusion detection systems, which can reduce the manual sample screening work, effectively reduce the cost of poison detection and model repair, and provide guarantees for model performance and robustness. The new method can also protect similar intelligent threat detection models.
  • Related Articles

    [1]Ge Zhenxing, Xiang Shuai, Tian Pinzhuo, Gao Yang. Solving GuanDan Poker Games with Deep Reinforcement Learning[J]. Journal of Computer Research and Development, 2024, 61(1): 145-155. DOI: 10.7544/issn1000-1239.202220697
    [2]Liu Qixu, Liu Jiaxi, Jin Ze, Liu Xinyu, Xiao Juxin, Chen Yanhui, Zhu Hongwen, Tan Yaokang. Survey of Artificial Intelligence Based IoT Malware Detection[J]. Journal of Computer Research and Development, 2023, 60(10): 2234-2254. DOI: 10.7544/issn1000-1239.202330450
    [3]Li Qian, Lin Chenhao, Yang Yulong, Shen Chao, Fang Liming. Adversarial Attacks and Defenses Against Deep Learning Under the Cloud-Edge-Terminal Scenes[J]. Journal of Computer Research and Development, 2022, 59(10): 2109-2129. DOI: 10.7544/issn1000-1239.20220665
    [4]Li Minghui, Jiang Peipei, Wang Qian, Shen Chao, Li Qi. Adversarial Attacks and Defenses for Deep Learning Models[J]. Journal of Computer Research and Development, 2021, 58(5): 909-926. DOI: 10.7544/issn1000-1239.2021.20200920
    [5]Chen Yufei, Shen Chao, Wang Qian, Li Qi, Wang Cong, Ji Shouling, Li Kang, Guan Xiaohong. Security and Privacy Risks in Artificial Intelligence Systems[J]. Journal of Computer Research and Development, 2019, 56(10): 2135-2150. DOI: 10.7544/issn1000-1239.2019.20190415
    [6]Cao Zhenfu. New Devolopment of Information Security——For the 60th Anniversary of Journal of Computer Research and Development[J]. Journal of Computer Research and Development, 2019, 56(1): 131-137. DOI: 10.7544/issn1000-1239.2019.20180756
    [7]Wang Yilei, Zhuo Yifan, Wu Yingjie, Chen Mingqin. Question Answering Algorithm on Image Fragmentation Information Based on Deep Neural Network[J]. Journal of Computer Research and Development, 2018, 55(12): 2600-2610. DOI: 10.7544/issn1000-1239.2018.20180606
    [8]Li Chao, Yin Lihua, Guo Yunchuan. Analysis for Probabilistic and Timed Information Flow Security Properties via ptSPA[J]. Journal of Computer Research and Development, 2011, 48(8): 1370-1380.
    [9]Wei Yong, Lian Yifeng, and Feng Dengguo. A Network Security Situational Awareness Model Based on Information Fusion[J]. Journal of Computer Research and Development, 2009, 46(3): 353-362.
    [10]Liu Guohua, Song Jinling, Huang Liming, Zhao Danfeng, Song Li. Measurement and Elimination of Information Disclosure in Publishing Views[J]. Journal of Computer Research and Development, 2007, 44(7): 1227-1235.
  • Cited by

    Periodical cited type(2)

    1. 邵子豪,霍如,王志浩,倪东,谢人超. 基于区块链的移动群智感知数据处理研究综述. 浙江大学学报(工学版). 2024(06): 1091-1106 .
    2. 赵贺贺,高鹏飞,张健明. 英式逆拍卖可以提高第三支柱养老保险市场效率吗?. 长沙民政职业技术学院学报. 2023(01): 74-80 .

    Other cited types(1)

Catalog

    Article views (180) PDF downloads (119) Cited by(3)

    /

    DownLoad:  Full-Size Img  PowerPoint
    Return
    Return