中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/95771
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 80990/80990 (100%)
Visitors : 42702021      Online Users : 1392
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/95771


    Title: 基於生成對抗網路技術之惡意網路流量生成模型;MCM-GAN: Malicious Cyber Maker using Generative Adversarial Networks
    Authors: 吳宗勲;Wu, Tsung-Hsun
    Contributors: 資訊工程學系
    Keywords: 條件式生成對抗網路;資料不平衡;惡意網路流量分類;入侵檢測系統;Conditional Generative Adversarial Network;Traffic Classification;Mali cious Network Traffic Classification;Intrusion Detection System
    Date: 2024-08-09
    Issue Date: 2024-10-09 17:15:52 (UTC+8)
    Publisher: 國立中央大學
    Abstract: 隨著網路的迅速發展,惡意攻擊事件日益增多,為了應對這種情況,使用機器學習 (Machine Learning) 或深度學習 (Deep Learning) 在入侵檢測系統 (In-trusion Detection System, IDS) 上來偵測惡意流量已成為主要趨勢。然而,由於許多資料集是公開的,並且公開資料集往往存在資料不平衡的問題,常見的解決方案是透過合成少數過採樣技術 (Synthetic Minority Over-sampling Technique, SMOTE) ,但這種方法所生成的流量缺乏真實性,如何有效地生成多樣且符合真實狀況的流量是為一大挑戰。
    本論文提出了一種名為 "Malicious Cyber Maker GAN (MCM-GAN) " 的架構,旨在解決訓練不穩定性和模式崩潰 (Mode collapse) 問題,確保生成樣本多樣性。該架構採用了Wasserstein Generative Adversarial Network with Gradient Penalty (WGAN-GP) 設計,通過引入梯度懲罰來改進原有的權重剪切方法,使生成過程更加穩定。此外,本論文還引入了條件生成對抗網路 (Conditional Generative Adversarial Network, CGAN) 和雙時間尺度更新規則 (Two Time-Scale Update Rule, TTUR) ,以進一步提高生成效果和訓練效率。在UNSW-NB15資料集上的實驗結果顯示,使用MCM-GAN生成9種網路惡意攻擊類型時,訓練時間相比使用LSTM作為生成器和鑑別器減少了21.99%,模型大小則減少了27.62%。使用原始資料結合MCM-GAN生成資料進行訓練的XGBoost、Random Forest和SVC模型,其預測F1-Score分別達到89.07%、87.04%和84.31%。相較於SVM-SMOTE、GRU-CGAN和LSTM-CGAN等生成技術,MCM-GAN能達到更高的F1-Score。此外,相較於僅使用原始資料訓練的模型,這些模型的平均F1-Score分別提升了6.83%、6.48%和9.91%。
    ;With the rapid development of the Internet, malicious attacks are becoming in-creasingly common. To address this issue, the use of machine learning or deep learn-ing technologies in intrusion detection systems (IDS) to detect malicious traffic has become a major trend. However, since many datasets are public and often have data imbalances, a common solution is to use the Synthetic Minority Over-sampling Tech-nique (SMOTE). However, the traffic generated by this method lacks authenticity. Effectively generating diverse and realistic traffic is a significant challenge.
    This paper presents an architecture called "Malicious Cyber Maker GAN (MCM-GAN)", which aims to address training instability and mode collapse issues by ensuring diversity in the generated samples. This framework adopts the Wasserstein Generative Adversarial Network with Gradient Penalty (WGAN-GP) design, which improves on the original weight clipping method by incorporating a gradient penalty to stabilize the generation process. In addition, the work incorporates the Conditional Generative Adversarial Network (CGAN) and the Two Time-Scale Update Rule (TTUR) to further improve generation effectiveness and training efficiency. Experimental results on the UNSW-NB15 dataset show that when generating nine types of malicious network attacks using MCM-GAN, the training time was reduced by 21.99% compared to using LSTM as the generator and discriminator, and the model size was reduced by 27.62%. Models trained on original data combined with MCM-GAN generated data, namely XGBoost, Random Forest and SVC, achieved F1 scores of 89.07%, 87.04% and 84.31% respectively. These accuracy levels are higher compared to generation techniques such as SVM-SMOTE, GRU-CGAN and LSTM-CGAN. In addition, these models showed an average F1 score improvement of 6.83%, 6.48% and 9.91%, respectively, compared to models trained only on original data.
    Appears in Collections:[Graduate Institute of Computer Science and Information Engineering] Electronic Thesis & Dissertation

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML50View/Open


    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明