一种物联网入侵检测和成员推理攻击研究
A New Study of an IoT Intrusion Detection and Membership Inference Attack
项睿涵 1潘巨龙 1李玲艺 1方堃1
作者信息
- 1. 中国计量大学信息工程学院,浙江 杭州 310018
- 折叠
摘要
为适应物联网节点计算能力弱、存储空间不足和敏感数据易受攻击等特点,提出一种新的融合卷积神经网络和差分隐私的轻量级入侵检测模型,使模型更好适应物联网苛刻的资源环境.首先,使用MinMax算法对原始流量数据进行归一化预处理;其次,设计轻量级卷积神经网络提取流量特征并进行分类;最后使用差分隐私算法对模型可能遇到的成员推理攻击进行防御.新算法在UNSW_NB15 等入侵检测数据集上进行了实验,所提模型准确率达到 98.98%,精确率达到 98.05%,模型大小控制在 200 KB左右,相比于DAE-OCSVM算法准确率提高了 2.81%,适用于物联网资源有限环境下要求的高精度入侵检测;同时,针对模型可能遇到的成员推理攻击进行研究,算法在融入差分隐私算法后降低了 20.96%的成员推理攻击.
Abstract
To adapt to the weak computing power of the Internet of Things nodes,insufficient storage space and the vulnerability of sensi-tive data attacks,a new lightweight intrusion detection model incorporating a convolutional neural network and differential privacy are proposed to make the model better adapted to the demanding resource environment of IoT.Firstly,the raw traffic data is pre-processed using the MinMax algorithm for normalization.Secondly,a lightweight convolutional neural network is designed to extract traffic features and perform classification.Finally,the differential privacy algorithm is used to defend against membership inference attacks that the model may encounter.The new algorithm is experimented on intrusion detection datasets such as UNSW_NB15,and the model accuracy reachs 98.98%,the precision rate reachs 98.05%,and the model size is controlled at about 200 KB,which improvs the accuracy rate by 2.81%compared with the DAE-OCSVM algorithm,and is suitable for the high accuracy intrusion detection required in the harsh envi-ronment of IoT.Meanwhile,the membership inference attack that the model may encounter are investigated,and the new algorithm re-duces 20.96%of the membership inference attack after incorporating the differential privacy algorithm.
关键词
入侵检测/物联网/卷积神经网络/差分隐私/成员推理攻击Key words
intrusion detection system/internet of things/convolutional neural network/differential privacy/membership inference attack引用本文复制引用
基金项目
浙江省基础公益研究计划项目(LGF21F020017)
出版年
2024
国家科技期刊平台
NSTL
万方数据