LI Chuan,HAN Bin,WANG Shuhong.Research on Intrusion Detection Model based on CSBD-XGBoost[J].Journal of Chengdu University of Information Technology,2026,41(01):47-54.[doi:10.16836/j.cnki.jcuit.2026.01.007]
Research on Intrusion Detection Model based on CSBD-XGBoost
- Article ID:
- 2096-1618(2026)01-0047-08
- Keywords:
- Borderline SMOTE; data dimensionality reduction; convolutional neural network; bidirectional gating unit; extreme gradient boosting
- Classification number:
- TP393.007
- Document code:
- A
- Abstract:
- In network intrusion detection, data imbalance, feature redundancy, incomplete feature extraction and reliance on a single detection model lead to low multi-class detection rates and high false positive rates. To address these problems, a multi-fusion intrusion detection model based on CSBD-XGBoost is proposed. The RUS and Borderline SMOTE sampling algorithms are applied to the majority-class and minority-class samples to balance the data set. Principal component analysis is used to reduce the dimensionality of the data and eliminate feature redundancy. Spatial and temporal features are then extracted by a double-layer convolutional neural network and by self-attention and bidirectional gated unit modules, respectively, and the extracted features are passed into a deep neural network for initial classification. Finally, extreme gradient boosting is applied to the classification to improve the model's classification performance. In experiments on the CICIDS2018, CICIDS2017 and NSL-KDD data sets, accuracy reached 99.75%, 99.55% and 98.66%. The model generalizes well, and its detection performance is better than that of traditional machine learning and deep learning methods.
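Memo
Received: 2025-06-20
Funding: Sichuan Province International Science and Technology Innovation Cooperation / Hong Kong, Macao and Taiwan Science and Technology Innovation Cooperation Funding Project (2021YFH0076)
Corresponding author: HAN Bin. E-mail: hanbin@cuit.edu.cn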
