English  |  正體中文  |  简体中文  |  全文筆數/總筆數 : 80990/80990 (100%)
造訪人次 : 42119105      線上人數 : 1268
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜尋範圍 查詢小技巧:
  • 您可在西文檢索詞彙前後加上"雙引號",以獲取較精準的檢索結果
  • 若欲以作者姓名搜尋,建議至進階搜尋限定作者欄位,可獲得較完整資料
  • 進階搜尋


    請使用永久網址來引用或連結此文件: http://ir.lib.ncu.edu.tw/handle/987654321/95771


    題名: 基於生成對抗網路技術之惡意網路流量生成模型;MCM-GAN: Malicious Cyber Maker using Generative Adversarial Networks
    作者: 吳宗勲;Wu, Tsung-Hsun
    貢獻者: 資訊工程學系
    關鍵詞: 條件式生成對抗網路;資料不平衡;惡意網路流量分類;入侵檢測系統;Conditional Generative Adversarial Network;Traffic Classification;Mali cious Network Traffic Classification;Intrusion Detection System
    日期: 2024-08-09
    上傳時間: 2024-10-09 17:15:52 (UTC+8)
    出版者: 國立中央大學
    摘要: 隨著網路的迅速發展,惡意攻擊事件日益增多,為了應對這種情況,使用機器學習 (Machine Learning) 或深度學習 (Deep Learning) 在入侵檢測系統 (In-trusion Detection System, IDS) 上來偵測惡意流量已成為主要趨勢。然而,由於許多資料集是公開的,並且公開資料集往往存在資料不平衡的問題,常見的解決方案是透過合成少數過採樣技術 (Synthetic Minority Over-sampling Technique, SMOTE) ,但這種方法所生成的流量缺乏真實性,如何有效地生成多樣且符合真實狀況的流量是為一大挑戰。
    本論文提出了一種名為 "Malicious Cyber Maker GAN (MCM-GAN) " 的架構,旨在解決訓練不穩定性和模式崩潰 (Mode collapse) 問題,確保生成樣本多樣性。該架構採用了Wasserstein Generative Adversarial Network with Gradient Penalty (WGAN-GP) 設計,通過引入梯度懲罰來改進原有的權重剪切方法,使生成過程更加穩定。此外,本論文還引入了條件生成對抗網路 (Conditional Generative Adversarial Network, CGAN) 和雙時間尺度更新規則 (Two Time-Scale Update Rule, TTUR) ,以進一步提高生成效果和訓練效率。在UNSW-NB15資料集上的實驗結果顯示,使用MCM-GAN生成9種網路惡意攻擊類型時,訓練時間相比使用LSTM作為生成器和鑑別器減少了21.99%,模型大小則減少了27.62%。使用原始資料結合MCM-GAN生成資料進行訓練的XGBoost、Random Forest和SVC模型,其預測F1-Score分別達到89.07%、87.04%和84.31%。相較於SVM-SMOTE、GRU-CGAN和LSTM-CGAN等生成技術,MCM-GAN能達到更高的F1-Score。此外,相較於僅使用原始資料訓練的模型,這些模型的平均F1-Score分別提升了6.83%、6.48%和9.91%。
    ;With the rapid development of the Internet, malicious attacks are becoming in-creasingly common. To address this issue, the use of machine learning or deep learn-ing technologies in intrusion detection systems (IDS) to detect malicious traffic has become a major trend. However, since many datasets are public and often have data imbalances, a common solution is to use the Synthetic Minority Over-sampling Tech-nique (SMOTE). However, the traffic generated by this method lacks authenticity. Effectively generating diverse and realistic traffic is a significant challenge.
    This paper presents an architecture called "Malicious Cyber Maker GAN (MCM-GAN)", which aims to address training instability and mode collapse issues by ensuring diversity in the generated samples. This framework adopts the Wasserstein Generative Adversarial Network with Gradient Penalty (WGAN-GP) design, which improves on the original weight clipping method by incorporating a gradient penalty to stabilize the generation process. In addition, the work incorporates the Conditional Generative Adversarial Network (CGAN) and the Two Time-Scale Update Rule (TTUR) to further improve generation effectiveness and training efficiency. Experimental results on the UNSW-NB15 dataset show that when generating nine types of malicious network attacks using MCM-GAN, the training time was reduced by 21.99% compared to using LSTM as the generator and discriminator, and the model size was reduced by 27.62%. Models trained on original data combined with MCM-GAN generated data, namely XGBoost, Random Forest and SVC, achieved F1 scores of 89.07%, 87.04% and 84.31% respectively. These accuracy levels are higher compared to generation techniques such as SVM-SMOTE, GRU-CGAN and LSTM-CGAN. In addition, these models showed an average F1 score improvement of 6.83%, 6.48% and 9.91%, respectively, compared to models trained only on original data.
    顯示於類別:[資訊工程研究所] 博碩士論文

    文件中的檔案:

    檔案 描述 大小格式瀏覽次數
    index.html0KbHTML40檢視/開啟


    在NCUIR中所有的資料項目都受到原著作權保護.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明