PDF下载 分享
[1]肖德轩,秦 智,黄源源,等.基于迁移学习的软件定义网络异常检测模型[J].成都信息工程大学学报,2025,40(03):264-272.[doi:10.16836/j.cnki.jcuit.2025.03.002]
 XIAO Dexuan,QIN Zhi,HUANG Yuanyuan,et al.A Software Defined Network Anomaly Detection Model based on Transfer Learning[J].Journal of Chengdu University of Information Technology,2025,40(03):264-272.[doi:10.16836/j.cnki.jcuit.2025.03.002]
点击复制

基于迁移学习的软件定义网络异常检测模型

成都信息工程大学学报[ISSN:1006-6977/CN:61-1281/TN] 卷: 40 期数: 2025年03期 页码: 264-272 栏目: 电子信息科学与技术 出版日期: 2025-06-10
Title:
A Software Defined Network Anomaly Detection Model based on Transfer Learning
文章编号:
2096-1618(2025)03-0264-09
作者:
肖德轩1秦 智12黄源源12卢嘉中12
(1.成都信息工程大学网络空间安全学院,四川 成都 610225; 2.先进密码技术与系统安全四川省重点实验室,四川 成都 610225)
Author(s):
XIAO Dexuan1QIN Zhi2HUANG Yuanyuan12LU Jiazhong12
(1.College of Cybersecurity,Chengdu University of Information Technology,Chengdu 610225,China; 2.Advanced Cryptography & System Security Key Laboratory of Sichuan Province,Chengdu 610225,China)
关键词:
软件定义网络卷积神经网络深度学习迁移学习异常检测
Keywords:
software defined networkconvolutional neural networkdeep learningtransfer learninganomaly detection
分类号:
TP309
DOI:
10.16836/j.cnki.jcuit.2025.03.002
文献标志码:
A
摘要:
随着网络架构的不断演进,SDN已成为推动网络管理简化与通信创新的重要架构之一。然而,伴随着SDN在各个领域的广泛部署以及其结构日益复杂化,其在应对网络安全风险方面也面临着诸多挑战。大规模网络环境中的多样化攻击和海量数据制约了传统机器学习方法在该领域的进一步应用。而深度学习方法虽然在大规模数据处理方面具有优势,但其通常需要大量标记数据进行训练。因此提出一种异常检测模型,将改进的一维CBAM注意力机制与卷积神经网络相融合,以降低通道间的冗余并提高模型性能。同时,通过引入迁移学习方法,模型能够在仅使用有限标记数据训练的情况下有效识别SDN网络中的异常流量。实验结果显示,该模型在CICIDS2017数据集上取得了99.70%的准确率。在仅使用10%的SDN数据集中的标记数据进行微调的预训练模型达到98.53%的精确度,接近使用数据集80%进行训练的模型检测性能。这些结果验证了基于迁移学习和CNN的软件定义网络异常检测模型的可行性。
Abstract:
With the continuous evolution of network architecture, SDN has become one of the important architectures to promote network management simplification and communication innovation. However, with the extensive deployment of software-defined networks in various fields and its increasingly complex structure, SDN faces many challenges in dealing with network security risks. The diversified attacks and massive data in large-scale network environments restrict the further application of traditional machine-learning methods in this field. Although the deep learning method has advantages in large-scale data processing, it usually needs a large number of labeled data for training. Therefore, this paper proposes an anomaly detection model, which combines the improved one-dimensional CBAM attention mechanism with a convolutional neural network to reduce the redundancy between channels and improve the performance of the model. At the same time, by introducing the transfer learning method, the model can effectively identify the abnormal traffic in the SDN network with only limited labeled data training. The experimental results show that the model achieves 99.70% accuracy on the cicids 2017 data set. The accuracy of the pre-training model using only 10% of the labeled data in the SDN dataset for fine-tuning is 98.53%, which is close to the detection performance of the model using 80% of the dataset for training. These results verify the feasibility of software-defined network anomaly detection model based on transfer learning and CNN.

参考文献/References:

[1] Farhady H,Lee H Y,Nakao A.Software-defined networking:A survey[J].Computer Networks,2015,81:79-95.
[2] Masoudi R,Ghaffari A.Software defined networks:A survey[J].Journal of Network and computer Applications,2016,67:1-25.
[3] Ahmad I,Namal S,Ylianttila M,et al.Security in software defined networks:A survey[J].IEEE Communications Surveys & Tutorials,2015,17(4):2317-2346.
[4] Scott-Hayward S,Natarajan S,Sezer S.A survey of security in software defined networks[J].IEEE Communications Surveys & Tutorials,2015,18(1):623-654.
[5] Kalkan K,Gur G,Alagoz F.Defense mechanisms against DDoS attacks in SDN environment[J].IEEE Communications Magazine,2017,55(9):175-179.
[6] Kumar S.Survey of current network intrusion detection techniques[J].Washington Univ.in St.Louis,2007:1-18.
[7] Liu H,Lang B.Machine learning and deep learning methods for intrusion detection systems:A survey[J].applied sciences,2019,9(20):4396.
[8] Lee S W,Mohammadi M,Rashidi S,et al.Towards secure intrusion detection systems using deep learning techniques:Comprehensive analysis and review[J].Journal of Network and Computer Applications,2021,187:103111.
[9] Jurcut A,Niculcea T,Ranaweera P,et al.Security considerations for Internet of Things:A survey[J].SN Computer Science,2020,1:1-19.
[10] Zhang Hongpo,Huang Lulu,Wu ChaseQ.An effective convolutional neural network based on SMOTE and Gaussian mixture model for intrusion detection in imbalanced dataset[J].Computer Networks,177; 2020,(7):107315.
[11] Riyaz B,Sannasi Ganapathy.A deep learning approach for effective intrusion detection in wireless networks using CNN[J].Soft Computing 2020,24:17265-17278.
[12] Andresini Giuseppina,Annalisa Appice,Donato Malerba.Nearest cluster-based intrusion detection through convolutional neural networks[J].Knowledge-Based Systems,2021,216:106798.
[13] ElSayed Mahmoud Said.A novel hybrid model for intrusion detection systems in SDNs based on CNN and a new regularization technique[J].Journal of Network and Computer Applications 2021,191:103160.
[14] Elsayed Mahmoud Said,Nhien-An Le-Khac,Anca D Jurcut.InSDN:A novel SDN intrusion dataset[J].Ieee Access 2020,8:165263-165284.
[15] Sun G,Liang L,Chen T,et al.Network traffic classification based on transfer learning[J].Computers & electrical engineering,2018,69:920-927.
[16] Guan J,Cai J,Bai H,et al.Deep transfer learning-based network traffic classification for scarce dataset in 5G IoT systems[J].International Journal of Machine Learning and Cybernetics,2021,12(11):3351-3365.
[17] Rodríguez E,Valls P,Otero B,et al.Transfer-learning-based intrusion detection framework in IoT networks[J].Sensors,2022,22(15):5621.
[18] Yosinski J,Clune J,Bengio Y,et al.How transferable are features in deep neural networks?[J].Advances in neural information processing systems,2014,27.
[19] He K,Zhang X,Ren S,et al.Deep residual learning for image recognition[C].Proceedings of the IEEE conference on computer vision and pattern recognition.2016:770-778.
[20] Huang G,Liu Z,Van Der Maaten L,et al.Densely connected convolutional networks[C].Proceedings of the IEEE conference on computer vision and pattern recognition.2017:4700-4708.
[21] Woo S,Park J,Lee J Y,et al.Cbam:Convolutional block attention module[C].Proceedings of the European conference on computer vision(ECCV),2018:3-19.
[22] Liu J,Zhang K,Wu S,et al.An investigation of a multidimensional CNN combined with an attention mechanism model to resolve small-sample problems in hyperspectral image classification[J].Remote Sensing,2022,14(3):785.
[23] Zbontar J,Jing L,Misra I,et al.Barlow twins:Self-supervised learning via redundancy reduction[C].International Conference on Machine Learning.PMLR,2021:12310-12320.
[24] Wang Y,Tang S,Zhu F,et al.Revisiting the transferability of supervised pretraining:an mlp perspective[C].Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition.2022:9183-9193.
[25] Sharafaldin I,Lashkari A H,Ghorbani A A.Toward generating a new intrusion detection dataset and intrusion traffic characterization[J].ICISSp,2018,1:108-116.
[26] Gharib A,Sharafaldin I,Lashkari A H,et al.An evaluation framework for intrusion detection dataset[C].2016 International Conference on Information Science and Security(ICISS).IEEE,2016:1-6.
[27] Rosay A,Carlier F,Leroux P.Feed-forward neural network for Network Intrusion Detection[C].2020 IEEE 91st Vehicular Technology Conference(VTC2020-Spring).IEEE,2020:1-6.
[28] Yang L,Moubayed A,Shami A.MTH-IDS:A multitiered hybrid intrusion detection system for internet of vehicles[J].IEEE Internet of Things Journal,2021,9(1):616-632.
[29] Chen Z,Yan Q,Han H,et al.Machine learning based mobile malware detection using highly imbalanced network traffic[J].Information Sciences,2018,433:346-364.
[30] Chawla N V,Bowyer K W,Hall L O,et al.SMOTE:synthetic minority over-sampling technique[J].Journal of artificial intelligence research,2002,16:321-357.
[31] Mani I,Zhang I.kNN approach to unbalanced data distributions:a case study involving information extraction[C].Proceedings of workshop on learning from imbalanced datasets.ICML,2003,126(1):1-7.
[32] Ali Alheeti K M,McDonald-Maier K.Intelligent intrusion detection in external communication systems for autonomous vehicles[J].Systems Science & Control Engineering,2018,6(1):48-56.
[33] LeCun Y,Bottou L,Bengio Y,et al.Gradient-based learning applied to document recognition[J].Proceedings of the IEEE,1998,86(11):2278-2324.
[34] Elmasry W,Akbulut A,Zaim A H.Evolving deep learning architectures for network intrusion detection using a double PSO metaheuristic[J].Computer Networks,2020,168:107042.
[35] Simonyan K,Zisserman A.Very deep convolutional networks for large-scale image recognition[J].arXiv preprint arXiv:1409.1556,2014.
[36] Yang L,Shami A.A transfer learning and optimized CNN based intrusion detection system for Internet of Vehicles[C].ICC 2022-IEEE International Conference on Communications.IEEE,2022:2774-2779.
[37] Vijayanand R,Devaraj D,Kannapiran B.Intrusion detection system for wireless mesh network using multiple support vector machine classifiers with genetic-algorithm-based feature selection[J].Computers & Security,2018,77:304-314.
[38] Pan S J,Yang Q.A survey on transfer learning[J].IEEE Transactions on knowledge and data engineering,2009,22(10):1345-1359.

相似文献/References:

[1]陈蕾衣,张新有.SDN网络性能测量系统设计与实现[J].成都信息工程大学学报,2018,(01):18.[doi:10.16836/j.cnki.jcuit.2018.01.004]
 Chen Lei-yi,Zhang Xin-you.Design and Implementation of Performance MeasurementSystem Used in Software Defined Network[J].Journal of Chengdu University of Information Technology,2018,(03):18.[doi:10.16836/j.cnki.jcuit.2018.01.004]
[2]周建国,唐东明,彭 争,等.基于卷积神经网络的课堂表情分析软件研究与实现[J].成都信息工程大学学报,2017,(05):508.[doi:10.16836/j.cnki.jcuit.2017.05.008]
 ZHOU Jian-guo,TANG Dong-ming,PENG Zheng,et al.Students' Expression Analysis in the Classroom based on Gradient Boosting Decision Tree and Convolution Neural Network[J].Journal of Chengdu University of Information Technology,2017,(03):508.[doi:10.16836/j.cnki.jcuit.2017.05.008]
[3]曹家华,吴 震,王 燚,等.基于CNN-BPR的S-Box功耗随机化侧信道攻击[J].成都信息工程大学学报,2022,37(01):16.[doi:10.16836/j.cnki.jcuit.2022.01.003]
 CAO Jiahua,WU Zhen,WANG Yi,et al.Side Channel Attack of S-box Power Randomization based on CNN-BPR[J].Journal of Chengdu University of Information Technology,2022,37(03):16.[doi:10.16836/j.cnki.jcuit.2022.01.003]
[4]李孝涌,陈科艺,李熙晨.卷积神经网络在ENSO预报中的应用[J].成都信息工程大学学报,2022,37(01):81.[doi:10.16836/j.cnki.jcuit.2022.01.014]
 LI Xiaoyong,CHEN Keyi,LI Xichen.Application of Convolutional Neural Network in ENSO Prediction[J].Journal of Chengdu University of Information Technology,2022,37(03):81.[doi:10.16836/j.cnki.jcuit.2022.01.014]

备注/Memo

收稿日期:2023-11-14
基金项目:国家重点研发计划重点专项资助项目(2022YFB3103103)
通信作者:秦智.E-mail:mercyqz@cuit.edu.cn

更新日期/Last Update: 2025-06-30