Abstract
To handle the massive, high-dimensional intrusion behavior data found in power system networks, a distributed intrusion detection method based on hybrid gene expression programming and the cloud is proposed, building on a study of distributed cloud computing, rough sets, and gene expression programming. The method uses rough set reduction to find, remove, or correct noisy data, which reduces the effect of noise on attribute reduction. Cloud computing and the hybrid gene expression programming algorithm are then used to improve the timely and accurate response to, and processing of, massive high-dimensional network log data. In simulations on KddCup 99, a measured data set, the KddCup noisy data set, and the NSL-KDD data set, the detection accuracy rate (DAR) of the proposed method is 93.5%, 91.9%, 93.5%, and 89.9%, respectively. Compared with gene expression programming (GEP), genetic algorithm (GA), and genetic programming (GP), the DAR of the proposed method is improved by 1.28 times, 1.27 times, and 1.45 times, respectively, and the false alarm rate (FAR) is reduced by up to 9.74 times, 32.99 times, and 17.06 times, respectively. The simulation results further verify that the proposed method can greatly reduce the complexity of the intrusion data set and thereby improve the global search capability of the algorithm.
Authors
YU Shaofeng; ZHONG Jianxu; ZHU Lei; MA Yining (Information and Communication Branch, China Southern Power Grid Peak and Frequency Modulation Power Generation Co., Ltd., Guangzhou 510000, China)
Source
Process Automation Instrumentation (《自动化仪表》)
CAS
2022, Issue 7, pp. 12-16 (5 pages)
Keywords
Power system network
Intrusion detection
Rough set
Cloud computing
Gene expression programming (GEP)