A Construction Method of Network Intrusion Detection Dataset in Small Sample Scenario

A network intrusion detection and construction method technology, applied in the field of information security, can solve the problems of research work and evaluation difficulties, and achieve the effect of keeping the main time and space structure unchanged, reducing construction costs, and preserving relevance.

Active Publication Date: 2020-08-04
ZHEJIANG UNIV
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, there is currently no network intrusion detection data set in a small sample scenario, which brings difficulties to the development and evaluation of research work

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A Construction Method of Network Intrusion Detection Dataset in Small Sample Scenario
  • A Construction Method of Network Intrusion Detection Dataset in Small Sample Scenario

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0037] The present invention will be described in further detail below in conjunction with the accompanying drawings.

[0038] Step 1: Obtain network traffic packets from the target network. According to the definition of the Open System Interconnection (OSI) reference model, the network is divided into 7 layers from bottom to top. The smallest transmission unit of network traffic is a data packet, and each data packet consists of a header and a payload. For example, a hypertext transfer protocol (Hyper TextTransfer Protocol, HTTP) data packet sequentially includes a 14-byte medium access control (Medium Access Control, MAC) layer header, a 20-byte Internet Protocol (Internet Protocol, IP) layer header, and a 20-byte Section Transmission Control Protocol (Transmission Control Protocol, TCP) layer header, and then the HTTP header and payload.

[0039] The data packets obtained through the packet capture program can be reflected in the network traffic data except the first phy...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a construction method of a network intrusion detection data set in a small sample scene. The construction method comprises the following steps: acquiring a network flow data packet from a target network; combining and reconstructing the network flow data packets to obtain a data flow, and sampling the data flow; preprocessing the sampled data flow, wherein the preprocessingcomprises normalization and anonymization processing; constructing a meta-training set and a meta-test set, the meta-training set comprising a sampling set and a request set, and the meta-test set comprising a support set and a test set; and combining the constructed meta-training set and meta-test set together to form a network intrusion detection data set in a small sample scene. According to the invention, a network intrusion detection data set suitable for a small sample scene can be constructed, and a data foundation is laid for research and evaluation of a network intrusion detection method in the small sample scene.

Description

technical field [0001] The invention relates to the technical field of information security, in particular to a method for constructing a network intrusion detection data set in a small sample scenario. Background technique [0002] A network intrusion detection system can be defined as a system that implements network traffic classification. A default premise here is that we have obtained a large amount of network traffic for classification, so we can construct a dataset containing a large number of samples. For a specific data set, an appropriate model can be designed, such as a binary classification model, which can divide network traffic into normal traffic and traffic with intrusion attacks, thereby realizing intrusion detection. Existing research work shows that for a specific type of attack, as long as there are a large number of samples, many machine learning algorithms can identify this type of attack well. This process can be automatically learned by the machine w...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/1408H04L63/1416H04L69/18
Inventor 沈继忠许聪源杜歆
Owner ZHEJIANG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap