Unsupervised intrusion detection model based on temporal convolutional network

LIAO Jinju; DING Jiawei; FENG Guanghui

doi:10.11959/j.issn.1000-0801.2025001

您当前的位置：

首页 >

文章列表页 >

Unsupervised intrusion detection model based on temporal convolutional network

Research and Development | 更新时间：2025-02-07

- Unsupervised intrusion detection model based on temporal convolutional network
- Telecommunications Science Vol. 41, Issue 1, Pages: 164-173(2025)
- 作者机构：
  
  1.郑州工业应用技术学院信息工程学院，河南郑州 451150
  2.广州大学计算机科学与网络工程学院，广东广州 510006
- 作者简介：
- 基金信息：
  
  The Industry-University Cooperative Education Project of Ministry of Education(220602236285739);The Natural Science Foundation of Guangdong Province(2022A1515011386)
- DOI：10.11959/j.issn.1000-0801.2025001
  CLC： TN393
- Received：06 July 2024，
  
  Revised：2024-11-20，
  
  Published：20 January 2025
- 稿件说明：
移动端阅览
廖金菊,丁嘉伟,冯光辉.基于时间卷积网络的无监督入侵检测模型[J].电信科学,2025,41(01):164-173.

LIAO Jinju,DING Jiawei,FENG Guanghui.Unsupervised intrusion detection model based on temporal convolutional network[J].Telecommunications Science,2025,41(01):164-173.
廖金菊,丁嘉伟,冯光辉.基于时间卷积网络的无监督入侵检测模型[J].电信科学,2025,41(01):164-173. DOI： 10.11959/j.issn.1000-0801.2025001.

LIAO Jinju,DING Jiawei,FENG Guanghui.Unsupervised intrusion detection model based on temporal convolutional network[J].Telecommunications Science,2025,41(01):164-173. DOI： 10.11959/j.issn.1000-0801.2025001.

摘要

现有的多数入侵检测模型通过长短期记忆（long short-term memory，LSTM）网络评估数据之间的时间依赖性。然而，LSTM网络处理序列数据增加了训练模型的计算复杂度和存储成本。为此，提出了基于多头注意力机制和时间卷积网络的无监督入侵检测模型（unsupervised intrusion detection model based on multi-head attention mechanism or temporal convolutional network，UDMT）。UDMT不依赖于LSTM网络，它利用时间卷积网络和多头注意力机制构建生成对抗网络的生成器和决策器，实现计算的并行化，进而降低复杂度。同时，UDMT不依赖于标签的攻击数据，它具有检测已知攻击和未知攻击的能力。此外，UDMT采用不同的隐藏层模式，配置灵活，以满足不同的检测率和检测时延的要求。相比于两个同类的检测模型，提出的UDMT能获取更高的检测率和更低的检测时延。

Abstract

Most existing intrusion detection models rely on long short-term memory (LSTM) networks to consider time-dependencies among data. However

LSTM’s sequential data processing significantly increases computational complexity and memory consumption during training. Therefore

unsupervised intrusion detection model based on multi-head attention mechanism and temporal convolutional network (UDMT) was proposed. UDMT didn’t rely on LSTM networks. Instead

it used temporal convolutional network and multi-head attention mechanism in the generative adversarial network generator and discriminator networks to enable more computation parallelization

and reduced computational complexity. Moreover

UDMT was capable of detecting both known and zero-day attacks without relying on labeled attack data. In addition

UDMT can adopt different privacy layer modes

and the configuration was flexible to meet the requirements of different detection rates and detection delays. Experiment results show that the proposed UDMT has higher detection rate and lower detection latency than two state-of-the-art intrusion detection models.

关键词

Keywords

references

罗国宇 , 汪学舜 , 戴锦友 . 物联网入侵检测的随机特征图神经网络模型 [J ] . 计算机工程与应用 , 2024 , 60 ( 21 ): 264 - 273 .

LUO G Y , WANG X S , DAI J Y . Random feature graph neural network for intrusion detection in Internet of things [J ] . Computer Engineering and Applications , 2024 , 60 ( 21 ): 264 - 273 .

李聪宇 , 赵利辉 , 安洋 . 基于图神经网络的物联网入侵检测研究 [J ] . 中北大学学报(自然科学版) , 2024 , 45 ( 2 ): 194 - 204 .

LI C Y , ZHAO L H , AN Y . Research on intrusion detection of Internet of things based on graph neural network [J ] . Journal of North University of China (Natural Science Edition) , 2024 , 45 ( 2 ): 194 - 204 .

冯绮航 . 考虑属性加密的物联网隐私数据跨域安全共享模型 [J ] . 现代电子技术 , 2023 , 46 ( 1 ): 91 - 95 .

FENG Q H . Internet of things privacy data cross domain security sharing model considering attribute encryption [J ] . Modern Electronics Technique , 2023 , 46 ( 1 ): 91 - 95 .

项睿涵 , 潘巨龙 , 李玲艺 , 等 . 一种物联网入侵检测和成员推理攻击研究 [J ] . 传感技术学报 , 2024 , 37 ( 2 ): 317 - 325 .

XIANG R H , PAN J L , LI L Y , et al . A new study of an IoT intrusion detection and membership inference attack [J ] . Chinese Journal of Sensors and Actuators , 2024 , 37 ( 2 ): 317 - 325 .

吴昊 , 郝佳佳 , 卢云龙 . 物联网场景下基于蜜场的分布式网络入侵检测系统研究 [J ] . 通信学报 , 2024 , 45 ( 1 ): 106 - 118 .

WU H , HAO J J , LU Y L . Research on distributed network intrusion detection system for IoT based on honeyfarm [J ] . Journal on Communications , 2024 , 45 ( 1 ): 106 - 118 .

SHONE N , NGOC T N , PHAI V D , et al . A deep learning approach to network intrusion detection [J ] . IEEE Transactions on Emerging Topics in Computational Intelligence , 2018 , 2 ( 1 ): 41 - 50 .

INJADAT M , MOUBAYED A , SHAMI A . Detecting botnet attacks in IoT environments: an optimized machine learning approach [C ] // Proceedings of the 2020 32nd International Conference on Microelectronics (ICM) . Piscataway : IEEE Press , 2020 : 1 - 4 .

MOUBAYED A , INJADAT M , SHAMI A . Optimized random forest model for botnet detection based on DNS queries [C ] // Proceedings of the 2020 32nd International Conference on Microelectronics (ICM) . Piscataway : IEEE Press , 2020 : 1 - 4 .

ZHANG Z J , LI W Z , DING W X , et al . STAD-GAN: unsupervised anomaly detection on multivariate time series with self-training generative adversarial networks [J ] . ACM Transactions on Knowledge Discovery from Data , 2023 , 17 ( 5 ): 1 - 18 .

FREITAS DE ARAUJO-FILHO P , KADDOUM G , CAMPELO D R , et al . Intrusion detection for cyber–physical systems using generative adversarial networks in fog environment [J ] . IEEE Internet of Things Journal , 2021 , 8 ( 8 ): 6247 - 6256 .

HUANG S H , LIU Y , FUNG C , et al . HitAnomaly: hierarchical transformers for anomaly detection in system log [J ] . IEEE Transactions on Network and Service Management , 2020 , 17 ( 4 ): 2064 - 2076 .

ZENATI H , ROMAIN M , FOO C S , et al . Adversarially learned anomaly detection [C ] // Proceedings of the 2018 IEEE International Conference on Data Mining (ICDM) . Piscataway : IEEE Press , 2018 : 727 - 736 .

LI Y D , ZHANG L , LV Z , et al . Detecting anomalies in intelligent vehicle charging and station power supply systems with multi-head attention models [J ] . IEEE Transactions on Intelligent Transportation Systems , 2021 , 22 ( 1 ): 555 - 564 .

张海涛 , 李文娟，李雪峰 , 等 . 基于变分模态分解和时间注意力机制TCN网络的光伏发电功率预测 [J ] . 电测与仪表 , 2024 : 1 - 8 .

ZHANG H T , LI W J , LI X F , et al . Photovoltaic power forecasting based on TPA-TCN model and variational modal decomposition [J ] . Electrical Measurement &Instrumentation , 2024 : 1 - 8 .

JIA Y Z , ZHONG F T , ALRAWAIS A , et al . FlowGuard: an intelligent edge defense mechanism against IoT DDoS attacks [J ] . IEEE Internet of Things Journal , 2020 , 7 ( 10 ): 9552 - 9562 .

Views

590

下载量

CSCD

Alert me when the article has been cited

提交

Tools

Publicity Resources

Multiscale residual temporal convolutional networks-based intrusion detection model in Internet of things

Deep learning and support vector machine-recursive feature elimination-based network intrusion detection model

A neural convolutional network intrusion detection model based on autoencoder dimension reduction

Ultra-wideband digital channel modeling based on generative adversarial network

Research on new energy station network security assessment method based on improved LSTM network

Related Author

LIU Liwei

ZHAO Hongchao

LI Xuewei

SUN Bin

WU Hao

ZHANG Yannian

YE Qing

DING Jiawei

Related Institution

College of Information and Engineering, Zhoukou Vocational and Technical College

Big Data Information Management Center, Zhengzhou University of Industrial Technology

Nanjing Vocational Institute of Transport Technology, School of Electronic Information Engineering

Jiangsu Province Gaogang Secondary Vocational School

YingXian School of Philanthropy, Zhejiang Gongshang University

⁰