Research On Attack Of Intrusion Detection System Based On GAN

In recent years,the rapid development of deep learning-related technologies has been integrated into various fields,promoting the mature progress of various ecological industries.In the field of network security,some deep learning algorithms began to combine with intrusion detection systems to detect network traffic data more quickly and comprehensively.The intrusion detection system based on deep learning can analyze traffic characteristics through deep learning,timely monitor network abnormalities,detect attacks,and take corresponding protective measures to deal with attacks,so as to maintain a more secure and stable network space environment.In order to further strengthen the research of intrusion detection system,many researchers put forward the attack strategies of these deep learning algorithms from the attack direction,find out their potential defects,and strive to improve the design architecture of intrusion detection system.This thesis proposes a method that uses generative adversarial network to generate attack capability traffic features for intrusion detection system and reduce the detection capability of deep belief network.To this end,the main problems need to be solved: how to generate attack samples that cannot be identified by the detection system and how to ensure that the attack samples are capable of attack?In order to solve the above problems,the attack method provided in this thesis uses GAN related technology to learn the normal network behavior feature information to generate attack samples,which can bypass the detection based on deep learning intrusion detection system.By combining the non-attack characteristics of the above attack sample and the attack characteristics of the attack network behavior data sample,a new attack sample that can ensure the attack capability is generated.The attack method is an intrusion detection system,which mainly includes generation module,converter module and detection module.The generation module generates attack samples by constructing a generative adversarial network model that learns the data features of normal network behavior.The basic architecture of the network is composed of generator and discriminator to learn the feature information of normal network behavior data samples.The converter module uses random forest algorithm to screen the features of attack traffic,and proposes a classification method for dividing the features based on attack characteristics.Also construct a converter that can combine generated traffic characteristics and attack traffic attack characteristics to ensure the generated attack samples;the detection module evaluates the attack performance by setting the detection system based on deep belief network.In the specific experimental scheme,the selected GAN is the WGAN-GP model to avoid problems such as pattern collapse and gradient disappearance.DBN model selects DBN-SVM algorithm model based on SVM algorithm for better detection performance.Based on this experimental scheme,the error rate difference and attack sample generation time are set as performance indicators of attacks.By setting the relevant experiment,comparing the detection results of the deep belief network and covering the attack samples,the error rate difference is 47.22%,indicating that the generated attack samples can bypass the DBN-SVM-based discriminant criteria by being disguised as normal network behavior.After comparing with Deep Fool and C & W attack methods,it is found that the attack method based on GAN intrusion detection system can effectively attack the deep learning algorithm,successfully reduce the detection efficiency of the intrusion detection system,and the attack performance is significantly better than Deep Fool and C & W attack methods.