Research on Intrusion Detection Model in Fog Computing Environment

doi:10.19678/j.issn.1000-3428.0062305

Abstract

Abstract: When the delay of sending and processing data in a cloud data center is large, most real-time intelligent applications struggle to realize their tasks.Fog computing allows these delay-sensitive applications to run on edge devices called fog nodes, which are geographically closer to the application.Fog nodes in fog computing typically have limited computing resources and are vulnerable to massive high-dimensional abnormal traffic attacks.Therefore, an improved quasi-recurrent neural network with feature dimensionality reduction is proposed, and a lightweight intrusion detection model, FR-IQRNN, is constructed based on this network.The high-dimensional attack samples collected by fog nodes are encoded into low-dimensional vectors to reduce redundant features.The circular connection of FR-IQRNN captures the time dependence of low-dimensional vectors.Simultaneously, parallel computing is realized in a time step and small batch dimension.On this basis, an attention mechanism is introduced to strengthen the extraction ability of key model features to realize the intrusion detection of fog nodes.On the public UNSW_NB15 dataset, the FR-IQRNN model achieved 99.51% in accuracy, 99.23% in precision, and 99.79% in recall, which outperforms RNN-IDS, AESVM, and other models and achieved above 95% in training accuracy in only 127.94 s.On the NSL-KDD dataset, the FR-IQRNN model achieved 99.39% in precision and 99.27% in recall, indicating that the model has outstanding robustness.

Key words: fog computing, intrusion detection, dimensionality reduction, quasi-recurrent neural network, parallel computing, attention mechanism

摘要： 当网络在云数据中心发送和处理数据的延迟较大时，大多实时智能应用程序都难以达到预期效果。雾计算允许这些对延迟敏感的应用程序在边缘设备上运行，这些设备被称为雾节点，其在地理位置上更接近应用程序。然而，雾计算中的雾节点通常计算资源有限，容易受到海量高维异常流量攻击，为此，提出一种特征降维的改进准递归神经网络，并基于该网络构建轻量级入侵检测模型FR-IQRNN。将雾节点采集到的高维攻击样本编码为低维向量以减少冗余特征，利用FR-IQRNN的循环连接捕获低维向量的时间依赖关系，同时在时间步长和小批量维度中实现并行计算，在此基础上，引入注意力机制强化模型对关键特征的提取能力，从而实现雾节点的入侵检测。在公开数据集UNSW_NB15上，FR-IQRNN模型能取得99.51%的准确率、99.23%的精确率以及99.79%的召回率，优于RNN-IDS、AESVM等模型，并且仅需127.94 s便达到95%以上的训练精度。在NSL-KDD数据集上，FR-IQRNN模型获得99.39%的准确率和99.27%的召回率，且在鲁棒性方面表现突出。

关键词: 雾计算, 入侵检测, 降维, 准递归神经网络, 并行运算, 注意力机制

CLC Number:

TP391

LI Jinguo, JIAO Xubin. Research on Intrusion Detection Model in Fog Computing Environment[J]. Computer Engineering, 2022, 48(5): 43-52.

李晋国, 焦旭斌. 雾计算环境下入侵检测模型研究[J]. 计算机工程, 2022, 48(5): 43-52.

/ / Recommend / Download Citations

URL: http://www.ecice06.com/EN/10.19678/j.issn.1000-3428.0062305

http://www.ecice06.com/EN/Y2022/V48/I5/43

Figures/Tables 17

References

[1] RASHID ABDULQADIR H, ZEEBAREE S R M, SHUKUR H M, et al.A study of moving from cloud computing to fog computing[J].Qubahan Academic Journal, 2021, 1(2):60-70.
[2] SANTOS J, VAN DER HOOFT J, VEGA M T, et al.SRFog:a flexible architecture for virtual reality content delivery through fog computing and segment routing[C]//Proceedings of 2021 IFIP/IEEE International Symposium on Integrated Network Management.Washington D.C., USA:IEEE Press, 2021:1038-1043.
[3] PAHARIA B, BHUSHAN K.A comprehensive review of Distributed Denial of Service(DDoS) attacks in fog computing environment[M]//GUPTA B, PEREZ G, AGRAWAL D, et al.Handbook of computer networks and cyber security.Berlin, Germany:Springer, 2020.
[4] 李韵, 黄辰林, 王中锋, 等.基于机器学习的软件漏洞挖掘方法综述[J].软件学报, 2020, 31(7):2040-2061. LI Y, HUANG C L, WANG Z F, et al.Survey of software vulnerability mining methods based on machine learning[J].Journal of Software, 2020, 31(7):2040-2061.(in Chinese)
[5] 张玉清, 董颖, 柳彩云, 等.深度学习应用于网络空间安全的现状、趋势与展望[J].计算机研究与发展, 2018, 55(6):1117-1142. ZHANG Y Q, DONG Y, LIU C Y, et al.Situation, trends and prospects of deep learning applied to cyberspace security[J].Journal of Computer Research and Development, 2018, 55(6):1117-1142.(in Chinese)
[6] SUDQI KHATER B, ABDUL WAHAB A W B, IDRIS M Y I B, et al.A lightweight perceptron-based intrusion detection system for fog computing[J].Applied Sciences, 2019, 9(1):178.
[7] AN X S, SU J T, LÜ X, et al.Hypergraph clustering model-based association analysis of DDOS attacks in fog computing intrusion detection system[J].EURASIP Journal on Wireless Communications and Networking, 2018, 18:249.
[8] PENG K, LEUNG V C M, ZHENG L X, et al.Intrusion detection system based on decision tree over big data in fog environment[J].Wireless Communications and Mobile Computing, 2018, 18:4680867.
[9] DIRO A A, CHILAMKURTI N.Distributed attack detection scheme using deep learning approach for Internet of things[J].Future Generation Computer Systems, 2018, 82:761-768.
[10] SADAF K, SULTANA J.Intrusion detection based on autoencoder and isolation forest in fog computing[J].IEEE Access, 2020, 8:167059-167068.
[11] 付子爔, 徐洋, 吴招娣, 等.基于增量学习的SVM-KNN网络入侵检测方法[J].计算机工程, 2020, 46(4):115-122. FU Z X, XU Y, WU Z D, et al.SVM-KNN network intrusion detection method based on incremental learning[J].Computer Engineering, 2020, 46(4):115-122.(in Chinese)
[12] 叶佩文, 贾向东, 杨小蓉, 等.基于深度学习的自编码器端到端物理层优化方案[J].计算机工程, 2019, 45(12):86-90, 97. YE P W, JIA X D, YANG X R, et al.End-to-end physical layer optimization scheme using auto-encoder based on deep learning[J].Computer Engineering, 2019, 45(12):86-90, 97.(in Chinese)
[13] 张百川, 赵佰亭.结合批归一化的轻量化卷积神经网络分类算法[J].哈尔滨商业大学学报(自然科学版), 2021, 37(3):300-306. ZHANG B C, ZHAO B T.Classification algorithm of lightweight convolutional neural network based on batch normalization[J].Journal of Harbin University of Commerce (Natural Sciences Edition), 2021, 37(3):300-306.(in Chinese)
[14] GODIN F, DEGRAVE J, DAMBRE J, et al.Dual Rectified Linear Units (DReLUs):a replacement for tanh activation functions in quasi-recurrent neural networks[J].Pattern Recognition Letters, 2018, 116:8-14.
[15] BALDUZZI D, GHIFARY M.Strongly-typed recurrent neural networks[EB/OL].[2021-07-05].https://arxiv.org/abs/1602.02218.
[16] 郝志峰, 黄浩, 蔡瑞初, 等.基于多特征融合与双向RNN的细粒度意见分析[J].计算机工程, 2018, 44(7):199-204, 211. HAO Z F, HUANG H, CAI R C, et al.Fine-grained opinion analysis based on multi-feature fusion and bidirectional RNN[J].Computer Engineering, 2018, 44(7):199-204, 211.(in Chinese)
[17] GRAVES A, SCHMIDHUBER J.Framewise phoneme classification with bidirectional LSTM and other neural network architectures[J].Neural Networks, 2005, 18(5/6):602-610.
[18] LOKESH S, MALARVIZHI KUMAR P, RAMYA DEVI M, et al.An automatic tamil speech recognition system by using bidirectional recurrent neural network with self-organizing map[J].Neural Computing and Applications, 2019, 31(5):1521-1531.
[19] 王文冠, 沈建冰, 贾云得.视觉注意力检测综述[J].软件学报, 2019, 30(2):416-439. WANG W G, SHEN J B, JIA Y D.Review of visual attention detection[J].Journal of Software, 2019, 30(2):416-439.(in Chinese)
[20] 张兴兰, 尹晟霖.可变融合的随机注意力胶囊网络入侵检测模型[J].通信学报, 2020, 41(11):160-168. ZHANG X L, YIN S L.Intrusion detection model of random attention capsule network based on variable fusion[J].Journal on Communications, 2020, 41(11):160-168.(in Chinese)
[21] 郭璠, 张泳祥, 唐琎, 等.YOLOv3-A:基于注意力机制的交通标志检测网络[J].通信学报, 2021, 42(1):87-99. GUO F, ZHANG Y X, TANG J, et al.YOLOv3-A:a traffic sign detection network based on attention mechanism[J].Journal on Communications, 2021, 42(1):87-99.(in Chinese)
[22] MOON D, IM H, KIM I, et al.DTB-IDS:an intrusion detection system based on decision tree using behavior analysis for preventing APT attacks[J].The Journal of Supercomputing, 2017, 73(7):2881-2895.
[23] 刘辛.随机森林在云环境异常检测中的应用[D].北京:北京邮电大学, 2020. LIU X.Application of random forest in cloud computing anomaly detection[D].Beijing:Beijing University of Posts and Telecommunications, 2020.(in Chinese)
[24] 池亚平, 凌志婷, 王志强, 等.基于支持向量机与Adaboost的入侵检测系统[J].计算机工程, 2019, 45(10):183-188, 202. CHI Y P, LING Z T, WANG Z Q, et al.Intrusion detection system based on support vector machine and Adaboost[J].Computer Engineering, 2019, 45(10):183-188, 202.(in Chinese)
[25] YIN C L, ZHU Y F, FEI J L, et al.A deep learning approach for intrusion detection using recurrent neural networks[J].IEEE Access, 2017, 5:21954-21961.
[26] TIAN Q, LI J M, LIU H B.A method for guaranteeing wireless communication based on a combination of deep and shallow learning[J].IEEE Access, 2019, 7:38688-38695.
[27] KASONGO S M, SUN Y X.A deep learning method with wrapper based feature extraction for wireless intrusion detection system[J].Computers & Security, 2020, 92:101752.
[28] ROY B, CHEUNG H.A deep learning approach for intrusion detection in Internet of things using bi-directional long short-term memory recurrent neural network[C]//Proceedings of the 28th International Telecommunication Networks and Applications Conference.Washington D.C., USA:IEEE Press, 2018:1-6.
[29] VINAYAKUMAR R, SOMAN K P, POORNACHANDRAN P.Applying convolutional neural network for network intrusion detection[C]//Proceedings of International Conference on Advances in Computing, Communications and Informatics.Washington D.C., USA:IEEE Press, 2017:1222-1228.

Please choose a citation manager

Content to export