
Multi-view adversarial attack defending method for host intrusion detection

Wang Fei, Qian Kehan, Lyu Mingqi, Zhu Tiantian, Chen Honglong

Journal on Communications (通信学报), 2025, Vol. 46, Issue (8): 53-65, 13. DOI: 10.11959/j.issn.1000-436x.2025140

Multi-view adversarial attack defending method for host intrusion detection

Wang Fei (王飞) 1, Qian Kehan (钱可涵) 2, Lyu Mingqi (吕明琪) 3, Zhu Tiantian (朱添田) 2, Chen Honglong (陈鸿龙) 1

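Author information

  • 1. College of Control Science and Engineering, China University of Petroleum (East China), Qingdao, Shandong 266580
  • 2. College of Computer Science and Technology, Zhejiang University of Technology, Hangzhou, Zhejiang 310023
  • 3. College of Geoinformatics, Zhejiang University of Technology, Huzhou, Zhejiang 313299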

Abstract

Host-based intrusion detection (HID) aims to identify attack behaviors through the analysis of host logs. Aiming at the problem that the graph neural network model was vulnerable to adversarial attacks in host intrusion detection, a multi-view adversarial defense method was proposed. By constructing dual views of structure and behavior to integrate multi-dimensional features, screening low-transferability complementary model pairs, and designing a hierarchical voting mechanism to integrate heterogeneous model decisions, the robustness of detection was enhanced. The efficacy of the proposed method was evaluated using authentic host kernel log datasets. The experimental results demonstrate that the method exhibits superior performance compared to existing adversarial attack defense methods. Specifically, a malicious node recall rate exceeding 80% is achieved under typical adversarial attacks, representing a 23% increase over existing single-model defense methods. Additionally, the false alarm rate is maintained below 10%, substantiating the efficacy of the transferability analysis-based fusion strategy for robustness enhancement.

Key words

adversarial attack / host intrusion detection / provenance graph / multi-model ensemble

Classification

Information technology and security science

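Cite this article

Wang Fei, Qian Kehan, Lyu Mingqi, Zhu Tiantian, Chen Honglong. Multi-view adversarial attack defending method for host intrusion detection[J]. Journal on Communications, 2025, 46(8): 53-65, 13.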

Funding

The National Natural Science Foundation of China (No.62372410, No.62002324)

The Natural Science Foundation of Zhejiang Province (No.LZ23F020011)

The Key Research and Development Program of Hangzhou (No.2024SZD1A11)

The Shandong Provincial Taishan Scholar Program (No.tsqn202312133)

The Shandong Provincial Natural Science Foundation (No.ZR2022YQ61)

Journal on Communications

OA, Peking University Core Journal

ISSN 1000-436X
