舰船行进中通信节点动态变化,网络拓扑结构多变,易受各种入侵,其中部分隐态入侵因隐蔽性强常被误判,导致入侵检测准确度下降。因此,提出基于云计算技术的舰船通信网络异常入侵检测方法。选取Spark平台,借助Apache Spark框架的Map Reduce处理方式,通过主节点对从节点进行异常入侵检测任务的调度、分发。从节点并行运行长短时记忆网络,利用遗忘门与输入门处理信息,更新记忆单元,输出异常入侵检测结果。主节点利用非线性最小二乘法构建全局异常入侵检测模型,综合从节点检测结果,最终输出舰船通信网络异常入侵检测结果。实验结果表明,该方法能够有效检测模糊攻击、泛攻击等多种舰船通信网络异常入侵行为,且网络吞吐量高于3 Mb/s,具有实际应用性。
During the movement of ships, communication nodes dynamically change and network topology structures are diverse, making them vulnerable to various intrusions. Some hidden intrusions are often misjudged due to their strong concealment, resulting in a decrease in intrusion detection accuracy. Therefore, a ship communication network anomaly intrusion detection method based on cloud computing technology is proposed. Select the Spark platform and utilize the Map Reduce processing method of the Apache Spark framework to schedule and distribute anomaly intrusion detection tasks from the master node to the slave nodes. Run long short-term memory networks in parallel from nodes, use forget gates and input gates to process information, update memory units, and output abnormal intrusion detection results. The master node uses nonlinear least squares method to construct a global anomaly intrusion detection model, integrates the detection results of the slave nodes, and finally outputs the anomaly intrusion detection results of the ship communication network. The experimental results show that this method can effectively detect various abnormal intrusion behaviors in ship communication networks such as fuzzy attacks and pan attacks, and the network throughput is higher than 3Mbps, which has practical applicability.
2025,47(4): 173-177 收稿日期:2023-12-23
DOI:10.3404/j.issn.1672-7649.2025.04.028
分类号:TP393
基金项目:辽宁省教育科学十三五规划课题(JG16EB043);辽宁省教育科学十四五规划课题(JG21BB039);中国成人教育协会“十四五”成人继续教育科研规划课题(2023-621Y)
作者简介:于隆(1972-),男,硕士,副教授,研究方向为计算机软件开发、网络与数据库等
参考文献:
[1] 余骁, 徐位凯, 孙海信, 等. MM-LoRa-Mod: 一种应用于水声通信的非相干LoRa调制方案[J]. 电信科学, 2024, 40(9): 13-27.
YU X, XU W K, SUN H X, et al. MM-LoRa-Mod: A non-coherent LoRa modulation scheme for underwater acoustic communications[J]. Telecommunications Science, 2024, 40(9): 13-27.
[2] 陈立家, 周为, 许毅, 等. 一种基于SDN的多约束无人船网络传输路由算法[J]. 中国舰船研究, 2022, 17(4): 107-113.
CHEN L J, ZHOU W, XU Y, et al. Multi-constrained unmanned surface vessel network transmission routing algorithm based on SDN[J]. Chinese Journal of Ship Research, 2022, 17(4): 107-113.
[3] 肖衡, 龙草芳. 基于机器学习的无线传感网络通信异常入侵检测技术[J]. 传感技术学报, 2022, 35(5): 692-697.
XIAO H, LONG C F. Communication anomaly intrusion detection technology for wireless sensor networks based on machine learning[J]. Chinese Journal of Sensors and Actuators, 2022, 35(5): 692-697.
[4] 苏新, 张桂福, 行鸿彦, 等. 基于平衡生成对抗网络的海洋气象传感网入侵检测研究[J]. 通信学报, 2023, 44(4): 124-136.
SU X, ZHANG G F, XING H Y, et al. Research on intrusion detection for maritime meteorological sensor network based on balancing generative adversarial network[J]. Journal on Communications, 2023, 44(4): 124-136.
[5] SENIARAY S, JINDAL R. Performance analysis of anomaly-based network intrusion detection using feature selection and machine learning techniques. Wireless Personal Communications, 138(4), 2321-2351.
[6] 田世林, 李焕洲, 唐彰国, 等. 基于堆叠稀疏去噪自编码器的混合入侵检测方法[J]. 四川师范大学学报(自然科学版), 2024, 47(4): 517-527.
TIAN S L, LI H Z, TANG Z G, et al. Hybrid intrusion detection method based on stacked sparse self-encoder[J]. Journal of Sichuan Normal University(Natural Science), 2024, 47(4): 517-527.
[7] 罗宏芳, 王春枝. 云计算下大规模网络流量异常检测仿真[J]. 计算机仿真, 2023, 40(1): 433-436+532.
LUO H F, WANG C Z. Simulation of large-scale network traffic anomaly detection under cloud computing[J]. Computer Simulation, 2023, 40(1): 433-436+532.
[8] 杨晨, 邓茹凤, 张宏, 等. 基于网络通信的设备互操和数据热备份的设计方法[J]. 船海工程, 2022, 15(5): 11-14.
YANG C, DENG R F, ZHANG H, et al. Design method for equipment interoperation and data hot-backup based on network communication[J]. Ship & Ocean Engineering, 2022, 15(5): 11-14.
