Computer Science, 2018, Vol. 45, Issue (11A): 344-348.
邢瑞康, 李成海
XING Rui-kang, LI Cheng-hai
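Abstract: Intrusion detection is one of the effective methods for maintaining the security of network systems. It refers mainly to the process of collecting and analyzing the various data in a network system in order to discover intrusion and attack behavior that may threaten system security, and responding to it quickly. However, because attacks in cyberspace take many forms and involve much that is unknown and uncertain, describing this uncertainty and taking corresponding measures has become an important part of building an intrusion detection model. Intuitionistic fuzzy theory is a theory that studies uncertainty problems in systems. An in-depth study of intrusion detection methods based on intuitionistic fuzzy set theory therefore shows that the theory plays an important role in handling the large number of uncertainty problems in intrusion detection systems. This paper gives a relatively comprehensive analysis and introduction of three typical intrusion detection methods based on intuitionistic fuzzy set theory from the existing literature, compares and summarizes them as appropriate, and points out the remaining shortcomings of each method and directions for future research, which has some reference value for its further development.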
[1] 王馨彤, 王璇, 孙知信. Network Traffic Anomaly Detection Method Based on Multi-scale Memory Residual Network. Computer Science, 2022, 49(8): 314-322. https://doi.org/10.11896/jsjkx.220200011
[2] 周志豪, 陈磊, 伍翔, 丘东亮, 梁广升, 曾凡巧. SMOTE-SDSAE-SVM Based Vehicle CAN Bus Intrusion Detection Algorithm. Computer Science, 2022, 49(6A): 562-570. https://doi.org/10.11896/jsjkx.210700106
[3] 曹扬晨, 朱国胜, 孙文和, 吴善超. Study on Key Technologies of Unknown Network Attack Identification. Computer Science, 2022, 49(6A): 581-587. https://doi.org/10.11896/jsjkx.210400044
[4] 魏辉, 陈泽茂, 张立强. Anomaly Detection Framework of System Call Trace Based on Sequence and Frequency Patterns. Computer Science, 2022, 49(6): 350-355. https://doi.org/10.11896/jsjkx.210500031
[5] 张师鹏, 李永忠. Intrusion Detection Method Based on Denoising Autoencoder and Three-way Decisions. Computer Science, 2021, 48(9): 345-351. https://doi.org/10.11896/jsjkx.200500059
[6] 乔颖婧, 高保禄, 史瑞雪, 刘璇, 王朝辉. Improved FCM Brain MRI Image Segmentation Algorithm Based on Tamura Texture Feature. Computer Science, 2021, 48(8): 111-117. https://doi.org/10.11896/jsjkx.200700003
[7] 李贝贝, 宋佳芮, 杜卿芸, 何俊江. DRL-IDS: Deep Reinforcement Learning Based Intrusion Detection System for Industrial Internet of Things. Computer Science, 2021, 48(7): 47-54. https://doi.org/10.11896/jsjkx.210400021
[8] 程希, 曹晓梅. SQL Injection Attack Detection Method Based on Information Carrying. Computer Science, 2021, 48(7): 70-76. https://doi.org/10.11896/jsjkx.200600010
[9] 曹扬晨, 朱国胜, 祁小云, 邹洁. Research on Intrusion Detection Classification Based on Random Forest. Computer Science, 2021, 48(6A): 459-463. https://doi.org/10.11896/jsjkx.200600161
[10] 戴宗明, 胡凯, 谢捷, 郭亚. Ensemble Learning Algorithm Based on Intuitionistic Fuzzy Sets. Computer Science, 2021, 48(6A): 270-274. https://doi.org/10.11896/jsjkx.200700036
[11] 俞建业, 戚湧, 王宝茁. Distributed Combination Deep Learning Intrusion Detection Method for Internet of Vehicles Based on Spark. Computer Science, 2021, 48(6A): 518-523. https://doi.org/10.11896/jsjkx.200700129
[12] 贾琳, 杨超, 宋玲玲, 程镇, 李琲珺. Improved Negative Selection Algorithm and Its Application in Intrusion Detection. Computer Science, 2021, 48(6): 324-331. https://doi.org/10.11896/jsjkx.200400033
[13] 王颖颖, 常俊, 武浩, 周详, 彭予. Intrusion Detection Method Based on WiFi-CSI. Computer Science, 2021, 48(6): 343-348. https://doi.org/10.11896/jsjkx.200700006
[14] 刘全明, 李尹楠, 郭婷, 李岩纬. Intrusion Detection Method Based on Borderline-SMOTE and Double Attention. Computer Science, 2021, 48(3): 327-332. https://doi.org/10.11896/jsjkx.200600025
[15] 朱容辰, 李欣, 王晗旭, 叶瀚, 曹志威, 樊志杰. Camera Identity Recognition Method Fused with Multi-dimensional Identification Features. Computer Science, 2021, 48(11A): 565-569. https://doi.org/10.11896/jsjkx.210100093