基于雾计算的无线传感器网络联合入侵检测算法

朱梦圆; 陈卓; 刘鹏飞; 吕娜

doi:10.13700/j.bh.1001-5965.2021.0766

基于雾计算的无线传感器网络联合入侵检测算法

doi: 10.13700/j.bh.1001-5965.2021.0766

朱梦圆¹,
陈卓²,
刘鹏飞¹,
吕娜^1, ,

1.
空军工程大学信息与导航学院，西安 710077
2.
解放军94619部队，六安 237000

基金项目:

国家自然科学基金 62074131

详细信息

通讯作者:
吕娜, E-mail: Lvnn2007@163.com

中图分类号: TP393
计量
- 文章访问数: 329
- HTML全文浏览量: 134
- PDF下载量: 22
- 被引次数: 0
出版历程
- 收稿日期: 2021-12-20
- 录用日期: 2022-02-25
- 网络出版日期: 2022-03-16
- 整期出版日期: 2022-10-20

Fog computing-based federated intrusion detection algorithm for wireless sensor networks

1.
Information and Navigation College, Air Force Engineering University, Xi'an 710077, China
2.
PLA 94619, Lu'an 237000, China

Funds:

National Natural Science Foundation of China 62074131

More Information

Corresponding author: LYU Na, E-mail: Lvnn2007@163.com

摘要

摘要:
为了保障无线传感器网络的安全性，提出一种基于雾计算的联合入侵检测算法Fed-XGB。Fed-XGB算法通过引入雾计算节点扩展网络边缘，减少通信时延，在提升联合学习全局模型和局部模型准确率的同时，降低了传输带宽和隐私泄露风险；通过改进基于直方图的近似计算方法，适应无线传感器网络数据不均衡特征；通过引入TOP-K梯度选择，最小化模型参数上传次数，提高模型参数交互效率。实验结果表明: Fed-XGB算法的检测准确率在0.97以上，误报率在0.036以下，优于其他对比算法；在遭受中毒攻击及数据含噪的情况下，算法检测分类性能依然稳定，具有较强的鲁棒性。
- 无线传感器网络 /
- 入侵检测 /
- 雾计算 /
- 联合学习 /
- 深度学习
Abstract:
In order to guarantee the security of wireless sensor networks, a federated intrusion detection algorithm Fed-XGB based on fog computing is proposed. The Fed-XGB algorithm extends the edge of the network by introducing fog computing nodes, reduces communication delay, improves the accuracy of joint learning of global and local models, and reduces the transmission bandwidth and the risk of privacy leakage. By improving the approximate calculation method based on the histogram, this algorithm can adapt to the characteristics of unbalanced data in wireless sensor networks. Through the introduction of the TOP-K gradient selection, the number of uploads of model parameters is minimized, and the interaction efficiency of model parameters is improved. Experimental results show that the detection accuracy of the Fed-XGB algorithm is above 0.97, and the false alarm rate is below 0.036, which is better than other comparison algorithms. The results also show that, in the face of poisoning attacks and noisy data, the detection and classification performance are still stable and has strong robustness.
- wireless sensor network /
- intrusion detection /
- fog computing /
- federated learning /
- deep learning

HTML全文

图 1 联合入侵检测算法框架

Figure 1. Federated intrusion detection algorithm framework

下载: 全尺寸图片幻灯片

图 2 不同恶意节点数量下的性能比较

Figure 2. Performance comparison of different malicious nodes

下载: 全尺寸图片幻灯片

图 3 Fed-XGB算法加噪声前后的性能对比

Figure 3. Performance comparison of Fed-XGB algorithm under adding noise

下载: 全尺寸图片幻灯片

图 4 FedSGD算法加噪前后的性能比较

Figure 4. Performance comparison of FedSGD algorithm under adding noise

下载: 全尺寸图片幻灯片

表 1 仿真参数设置

Table 1. Simulation parameter settings

参数	数值/种类
网络覆盖范围/(m×m)	200×200
节点数量	300
节点最大覆盖范围/m	20
信道容量/(Mbit·s^-1)	2
攻击节点数目	15
路由协议	LEACH
MAC协议	TDMA
采样周期/s	5

下载: 导出CSV

表 2 数据集相关信息

Table 2. Related information of datasets

数据集	网络攻击类别
WSN-DS^[19]	Blackhole、Grayhole、Flooding、Scheduling
WSN-ids	Blackhole、Grayhole、Flooding、Scheduling
CICIDS 2017^[20]	Brute Force FTP、Brute Force SSH、DoS、Heartbleed、Web Attack、Infiltration、Botnet

下载: 导出CSV

表 3 不同算法整体性能对比

Table 3. Comparison of overall performance of each algorithm

算法	WSN-DS		CICIDS2017
算法	Accuracy	FAR	Accuracy	FAR
RF	0.884	0.152	0.822	0.223
GRU-SVM	0.966	0.136	0.896	0.104
ICNN	0.972	0.086	0.956	0.134
VAE	0.991	0.035	0.971	0.108
XGBoost	0.954	0.121	0.953	0.136
FedSGD	0.981	0.049	0.966	0.102
Fed-XGB	0.989	0.029	0.978	0.036

下载: 导出CSV

表 4 不同联合学习参数对上传次数的影响

Table 4. Influence of different federated learning parameters on communication rounds

方法	E	B	上传次数
FedSGD	1	∞	822
Fed-XGB	5	small	324
Fed-XGB	10	small	192
Fed-XGB	20	small	122
Fed-XGB	5	large	256
Fed-XGB	10	large	218
Fed-XGB	20	large	178

下载: 导出CSV

参考文献(26)

[1]	SALEHI M, HOSSAIN E. Federated learning in unreliable and resource-constrained cellular wireless networks[J]. IEEE Transactions on Communications, 2021, 69(8): 5136-5151. doi: 10.1109/TCOMM.2021.3081746
[2]	DE SOUZA C A, WESTPHALL C B, MACHADO R B, et al. Hybrid approach to intrusion detection in fog-based IoT environments[J]. Computer Networks, 2020, 180: 107417. doi: 10.1016/j.comnet.2020.107417
[3]	ZHANG W J, HAN D Z, LI K C, et al. Wireless sensor network intrusion detection system based on MK-ELM[J]. Soft Computing, 2020, 24(16): 12361-12374. doi: 10.1007/s00500-020-04678-1
[4]	TANG T A, MCLERNON D, MHAMDI L, et al. Intrusion detection in SDN-based networks: Deep recurrent neural network approach[M]//ALAZAB M, TANG M J. Deep learning applications for cyber security. Berlin: Springer, 2019: 175-195.
[5]	LI X M, ZHU L X, CHU X, et al. Edge computing-enabled wireless sensor networks for multiple data collection tasks in smart agriculture[J]. Journal of Sensors, 2020, 2020: 4398061.
[6]	周纯毅, 陈大卫, 王尚, 等. 分布式深度学习隐私与安全攻击研究进展与挑战[J]. 计算机研究与发展, 2021, 58(5): 927-943. https://www.cnki.com.cn/Article/CJFDTOTAL-JFYZ202105003.htm ZHOU C Y, CHEN D W, WANG S, et al. Research and challenge of distributed deep learning privacy and security attack[J]. Journal of Computer Research and Development, 2021, 58(5): 927-943(in Chinese). https://www.cnki.com.cn/Article/CJFDTOTAL-JFYZ202105003.htm
[7]	KHAN L U, SAAD W, HAN Z, et al. Federated learning for internet of things: Recent advances, taxonomy, and open challenges[J]. IEEE Communications Surveys & Tutorials, 2021, 23(3): 1759-1799.
[8]	CHEN Z, LYU N, LIU P F, et al. Intrusion detection for wireless edge networks based on federated learning[J]. IEEE Access, 2020, 8: 217463-217472. doi: 10.1109/ACCESS.2020.3041793
[9]	YANG H Y, WANG F Y. Wireless network intrusion detection based on improved convolutional neural network[J]. IEEE Access, 2019, 7: 64366-64374. doi: 10.1109/ACCESS.2019.2917299
[10]	ZHU G X, LIU D Z, DU Y Q, et al. Toward an intelligent edge: Wireless communication meets machine learning[J]. IEEE Communications Magazine, 2020, 58(1): 19-25. doi: 10.1109/MCOM.001.1900103
[11]	CHEKIRED D A, KHOUKHI L, MOUFTAH H T. Fog-based distributed intrusion detection system against false metering attacks in smart grid[C]//2019 IEEE International Conference on Communications. Piscataway: IEEE Press, 2019: 1-6.
[12]	MCMAHAN H B, MOORE E, RAMAGE D, et al. Communication-efficient learning of deep networks from decentralized data[EB/OL]. (2017-02-28)[2021-12-01]. https:arxiv.org/abs/1602.05629.
[13]	PREUVENEERS D, RIMMER V, TSINGENOPOULOS I, et al. Chained anomaly detection models for federated learning: an intrusion detection case study[J]. Applied Sciences, 2018, 8(12): 2663. doi: 10.3390/app8122663
[14]	CAMPOS E M, SAURA P F, GONZÁLEZ-VIDAL A, et al. Evaluating federated learning for intrusion detection in internet of things: Review and challenges[J]. Computer Networks, 2022, 203: 108661. doi: 10.1016/j.comnet.2021.108661
[15]	KELLI V, ARGYRIOU V, LAGKAS T, et al. IDS for industrial applications: A federated learning approach with active personalization[J]. Sensors(Basel, Switzerland), 2021, 21(20): 6743. doi: 10.3390/s21206743
[16]	HAN Y F, ZHANG X L. Robust federated training via collaborative machine teaching using trusted instances[EB/OL]. (2019-05-08)[2021-12-10]. https://arxiv.org/abs/1905.02941.
[17]	WANG L P, WANG W, LI B. CMFL: Mitigating communication overhead for federated learning[C]//2019 IEEE 39th International Conference on Distributed Computing Systems. Piscataway: IEEE Press, 2019: 954-964.
[18]	CHEN T Q, GUESTRIN C. XGBost: A scalble tree boosting system[C]//Proceedings of 22nd ACM SIGKDD International Conference on knowledge Discovery and Data Mining. New York: ACM, 2016: 785-794.
[19]	ALMOMANI I, AL-KASASBEH B, AL-AKHRAS M. WSN-DS: A dataset for intrusion detection systems in wireless sensor networks[J]. Journal of Sensors, 2016, 2016: 4731953.
[20]	SHARAFALDIN I, LASHKARI H A, GHORBANI A A. Toward generating a new intrusion detection dataset and intrusion traffic characterization[C]//Proceedings of the 4th International Conference on Information Systems Security and Privacy, 2018, 1: 108-116.
[21]	JOHNSON S R, JAIN A. An improved intrusion detection system using random forest and random projection[J]. International Journal of Scientific & Engineering Research, 2016, 7(10): 1424-1430.
[22]	AGARAP A F M. A neural network architecture combining gated recurrent unit (GRU) and support vector machine (SVM) for intrusion detection in network traffic data[C]//Proceedings of the 2018 10th International Conference on Machine Learning and Computing, 2018: 26-30.
[23]	刘月峰, 王成, 张亚斌, 等. 面向网络入侵检测系统的深度卷积神经网络模型[J]. 内蒙古科技大学学报, 2018, 37(1): 59-64. doi: 10.16559/j.cnki.2095-2295.2018.01.013 LIU Y F, WANG C, ZHANG Y B, et al. Deep convolutional neural network model for network intrusion detection system[J]. Journal of Inner Mongolia University of Science and Technology, 2018, 37(1): 59-64(in Chinese). doi: 10.16559/j.cnki.2095-2295.2018.01.013
[24]	FAN L N, YANG J H, MI T J. Malicious behavior catcher: An intrusion detection system based on VAE[C]//Communications, Signal Processing, and Systems, 2021.
[25]	张阳, 姚原岗. 基于XGboost算法的网络入侵检测研究[J]. 信息网络安全, 2018(9): 102-105. doi: 10.3969/j.issn.1671-1122.2018.09.016 ZHANG Y, YAO Y G. Research on network intrusion detection based on XGboost[J]. Netinfo Security, 2018(9): 102-105(in Chinese). doi: 10.3969/j.issn.1671-1122.2018.09.016
[26]	吴亚丽, 李国婷, 付玉龙, 等. 基于自适应鲁棒性的入侵检测模型[J]. 控制与决策, 2019, 34(11): 2330-2336. doi: 10.13195/j.kzyjc.2019.0592 WU Y L, LI G T, FU Y L, et al. A new intrusion detection model based on adaptability and robustness[J]. Control and Decision, 2019, 34(11): 2330-2336(in Chinese). doi: 10.13195/j.kzyjc.2019.0592