Network unknown-threat detection based on a generative adversarial network and evolutionary algorithm

作     者：Zhou, Jinfei Wu, Zhengdong Xue, Yunhao Li, Minghui Zhou, Di 

作者机构：Hangzhou Dianzi Univ Sch Cyberspace Hangzhou Peoples R China Zhejiang Uniview Technol Co Ltd Hangzhou Peoples R China 

出 版 物：《INTERNATIONAL JOURNAL OF INTELLIGENT SYSTEMS》 (国际智能系统杂志)

年 卷 期：2022年第37卷第7期

页      面：4307-4328页

核心收录：

学科分类：08[工学] 0812[工学-计算机科学与技术（可授工学、理学学位）] 

基　　金：National Natural Science Foundation of China Key Technologies Research and Development Program [2018YFB0804102] Key Projects of NSFC Joint Fund of China [U1866209] 

主　　题：data balance evolutionary computation GAN generalization of threat characteristics unknown-threat detection 

摘      要：Currently existing intrusion-detection systems can only meet the needs of the people for defense against the known threat, and lag in the detection of the unknown threat. To solve this problem, this study considers that the character of an unknown threat can evolve from known threats and propose a network unknown-threat detection algorithm intrusion detection method based on generating & evolution (IDM-GE) based on a generation countermeasure network and evolutionary computation. The intrusion detection method based on generating algorithm can balance the data set, make the classifier learn the characteristics of normal traffic and attack traffic more fairly, and increase the diversity of attack traffic distribution by dynamic games. The intrusion detection method based on evolution algorithm can mutate and evolve, and the combination of the generating algorithm and evolutionary algorithm can generalize the features of unknown threats from known threats in a large dynamic range while also improving the detection accuracy of unknown-threat traffic. The experimental results show that the proposed IDM-GE algorithm improves the detection accuracy and recall rate to more than 91% compared with the traditional ResNet algorithm.