[1]石迎澳,李润知,姬怡.基于联邦全局知识蒸馏的异常网络入侵检测方法[J].计算机技术与发展,2025,(07):55-62.[doi:10.20165/j.cnki.ISSN1673-629X.2025.0087]
 SHI Ying-ao,LI Run-zhi,JI Yi.Anomaly Network Intrusion Detection Method Based on Federated Learning with Global Knowledge Distillation[J].,2025,(07):55-62.[doi:10.20165/j.cnki.ISSN1673-629X.2025.0087]
点击复制

基于联邦全局知识蒸馏的异常网络入侵检测方法()

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

卷:
期数:
2025年07期
页码:
55-62
栏目:
网络空间安全
出版日期:
2025-07-10

文章信息/Info

Title:
Anomaly Network Intrusion Detection Method Based on Federated Learning with Global Knowledge Distillation
文章编号:
1673-629X(2025)07-0055-08
作者:
石迎澳1李润知12姬怡1
1. 郑州大学 网络空间安全学院,河南 郑州 450001;
2. 郑州大学 网络管理中心,河南 郑州 450001
Author(s):
SHI Ying-ao1LI Run-zhi12JI Yi1
1. School of Cyber Science and Engineering,Zhengzhou University,Zhengzhou 450001,China;
2. Network Management Center,Zhengzhou University,Zhengzhou 450001,China
关键词:
入侵检测系统联邦学习数据隐私知识蒸馏数据异构
Keywords:
intrusion detection systemfederated learningdata privacyknowledge distillationdata heterogeneity
分类号:
TP399
DOI:
10.20165/j.cnki.ISSN1673-629X.2025.0087
摘要:
在网络入侵检测领域,联邦学习(FL)作为一种保护数据隐私的分布式处理方法受到了广泛关注。 然而,由于参与节点间的数据异构性,传统的联邦学习方法在联合训练过程中往往难以实现高性能。 为了解决这一问题,该文提出了一种改进的联邦学习方法,即基于联邦全局知识蒸馏的异常网络入侵检测方法(FLGKD-ANIDS)。 该方法在中央服务器中设置了一个缓冲区,用于缓存客户端上传的多轮模型参数。 进一步地,这些缓存的参数被用于生成包含多轮全局知识的教师模型参数,指导客户端侧的知识蒸馏过程。 这一机制使得客户端能够在注入全局知识特征的情况下训练本地数据。实验在两个公开数据集 UNSW-NB15 和 CIC-IDS2017 上进行,结果显示 FLGKD-ANIDS 在各种数据异构场景下显著提升了模型性能,其性能更接近于集中训练模型的水平。
Abstract:
In the field of network intrusion detection,Federated Learning (FL) has gained significant attention as a distributed processing method that protects data privacy. However,due to data heterogeneity among participating nodes,traditional FL methods often fail to achieve high performance during joint training. To address this issue,we propose an improved federated learning with global knowledge distillation (FLGKD-ANIDS). It sets up a buffer in the central server to cache multiple rounds of model parameters uploaded by clients.Furthermore,these cached parameters are used to generate teacher model parameters containing multi-round global knowledge,which guide the knowledge distillation process in the client side. This mechanism allows clients to train the local data by injecting global knowledge feature. We conducted experiments on two public available datasets,UNSW-NB15 and CIC-IDS2017. The results show that FLGKD-ANIDS significantly improves model performance across various data heterogeneity scenarios compared to existing federated learning methods,and its performance approaches that of centrally trained models.

相似文献/References:

[1]陶善旗 李俊 郭伟群 李海龙.入侵检测系统中模式匹配算法的研究与改进[J].计算机技术与发展,2010,(02):167.
 TAO Shan-qi,LI Jun,GUO Wei-qun,et al.Research and Improvement of Pattern Matching Algorithm for Intrusion Detection System[J].,2010,(07):167.
[2]高永梅 吴吉义[] 平玲娣.一种改进的移动自组网络入侵检测系统研究[J].计算机技术与发展,2009,(08):140.
 GAO Yong-mei,WU Ji-yi,PING Ling-di.Research on Improved Intrusion Detection System in Mobile Ad hoc Network[J].,2009,(07):140.
[3]孟宪苹 宋菲 李俊.基于序列模式挖掘的入侵检测系统的研究[J].计算机技术与发展,2008,(03):154.
 MENG Xian-ping,SONG Fei,LI Jun.Research of Intrusion Detection System Based on Sequential Pattern Mining[J].,2008,(07):154.
[4]李玲娟 李冰 薛明.K-MEANS算法在IDS中的应用研究[J].计算机技术与发展,2010,(07):129.
 LI Ling-juan,LI Bing,XUE Ming.Research on Application of K-MEANS Algorithm in IDS[J].,2010,(07):129.
[5]曾庆花 王文国.一种改进的模糊关联算法及其在IDS中的应用[J].计算机技术与发展,2007,(07):236.
 ZENG Qing-hua,WANG Wen-guo.An Improved Algorithm of Fuzzy Association Rules and Its Application in IDS[J].,2007,(07):236.
[6]玄加林 才书训.分布式入侵检测中负载平衡的应用分析与设计[J].计算机技术与发展,2006,(01):213.
 XUAN Jia-lin,CAI Shu-xun.Application Analysis and Design of Loading Balance in Distributed Intrusion Detection System[J].,2006,(07):213.
[7]蔡敏 叶震 徐吉斌.协议分析技术在入侵检测中的应用[J].计算机技术与发展,2007,(02):239.
 CAI Min,YE Zhen,XU Ji-bin.Application of Protocol Analysis Technology in IDS[J].,2007,(07):239.
[8]肖竟华 卢娜.基于网络的入侵检测系统的研究及实现[J].计算机技术与发展,2007,(02):242.
 XIAO Jing-hua,LU Na.The Study and Implementation of NIDS[J].,2007,(07):242.
[9]方贤进 李敬兆 姚亚锋 陈代梅.一种校园网的网络安全策略[J].计算机技术与发展,2006,(05):121.
 FANG Xian-jin,LI Jing-zhao,YAO Ya-feng,et al.A Network Security Strategy for Campus Network[J].,2006,(07):121.
[10]刘毅 刘益和.基于jQuery的SQL注入攻击防范实现[J].计算机技术与发展,2011,(02):177.
 LIU Yi,LIU Yi-he.JQuery-Based Implementation of SQL Injection Attacks Prevention[J].,2011,(07):177.

更新日期/Last Update: 2025-07-10