The Research And Implementation Of Network Intrusion Detection Based On Zero-shot Learning

With the rapid development and wide application of information technology,the Internet has been integrated into all aspects of people’s daily life,which puts forward higher requirements for network security.Intrusion detection is one of the important means to protect network security.Researchers pay great attention to the research of intrusion detection technology.The rise of machine learning has greatly improved the recognition accuracy of intrusion detection.However,how to identify the new emerging attacks is still a serious problem.In recent years,zero-shot learning has made great progress in the fields of computer vision,natural language processing and fault detection.By simulating the human’s reasoning process for objects that have never been seen before,zero-shot learning can use the knowledge of known classes learned to recognize unknown classes.Aiming at the existing problem of intrusion detection,we realize the recognition of new attacks that are not in the training set by researching the method of zero-shot learning and applying it to network intrusion detection.The work done in this study is as follows:Firstly,we study and analyze the current intrusion detection technology and zeroshot learning method.Then we propose that we could apply zero-shot learning based on sample generation to intrusion detection,which regards the problem of how to recognize unknown network attack as an imagination problem.With this approach,we study how to generate the sample data of unknown attacks,which transforms the intrusion detection of unknown attacks into a traditional classification problem.Secondly,because of lack of semantic knowledge in the intrusion detection data set,we propose the construction process of semantic library of attacks.By collecting the description information of each attack category in the data set,and using natural language processing technology,we transform the semantic description information of the attack into machine-readable vector representation,so as to generate the semantic library of attacks,which provides learnable knowledge for the zero sample learning model.Thirdly,we propose an intrusion detection model based on zero-shot learning.With this approach,we learn the mapping relationship between the sample feature space,discriminative and semantic embedding space with autoencoder.In the encoder,the discriminative embedding is used to cluster the intra-classes and separate the interclasses,which makes the learned features more discriminative.The regressor feedback acts as the regularizer of the decoder to ensure the authenticity and accuracy of the generated samples,and help the decoder recover enough information contained in the sample features and semantic embedding,so as to reconstruct the best generated samples which are used to train the classifier to recognize unknown attacks.Verification experiment have been carried out by using the public dataset NSLKDD.The experimental results show that the performance of the method we proposed is better than the existing intrusion detection methods based on zero sample learning.So,the work of this paper has important reference and academic value for the further research of zero-shot learning in the field of intrusion detection.