Information Security Coding Rule Based on Neural Network and Greedy Algorithm and Application in Network Alarm Detection

Transcription

1 th International Conference on Advances in Social Science, Humanities, and Management (ASSHM 2016) ISBN: Information Security Coding Rule Based on Neural Network and Greedy Algorithm and Application in Network Alarm Detection Bei Xie 1 Abstract With the development of computer network, network information resources have brought great convenience to users. However, the security problems of computer network have become increasingly prominent, and the main threat is the invasion of the information system through the network. Network intrusion will bring great losses to society, especially to the government and military agencies. With the increase of network intrusion, the firewall can't resist the attack on the network. Intrusion detection system makes up the shortcomings of traditional Internet security technology, and it is a kind of active defense technology. Through security log, audit data and other information, intrusion detection system can detect the network attacks and take the corresponding measures. Intelligent intrusion detection system is a hot spot in the field of network security, commonly based on neural network, genetic algorithm, greedy algorithm, fuzzy technology, and so on. In this paper, we apply the neural network and the greedy algorithm into the network security detection system. We analyze the theories of neural network and greedy algorithm, and introduce the evaluation model of network security system. Experiments show that the information security coding rule based on neural network and greedy algorithm can help network monitoring system better detect the network attacks. Keywords: Information Security Coding Rule, Neural Network, Greedy Algorithm, Network Alarm Detection, Applications. Introduction In recent years, with the development of computer and network technology, people have entered the information age. The number of users of computer network is increasing rapidly, and the network speed is accelerating. People communicate on the Internet through cables, optical fibers, and all kinds of radio waves. The Internet is closely related to people's study, work and life, and commercial banks, government and military data put forward a very high demand for network security. In the military field, information security is related to the security of the whole country and the army. Therefore, it is very important to protect the information security, by the way, how to establish a perfect network security intrusion detection system is a hot issue. Computer network security is a broad area, which is divided into system security and transmission security from the network structure. System security refers to the security of computer operating system; transmission security is mainly refers to avoiding being modified, damage, interception and eavesdropping in the transmission process. With the expansion of the network, security issues will become more diverse and complex. Typical network threats are malicious attacks, security vulnerabilities, software vulnerabilities, structural problems, and so on. Strengthening the information security is the key to the operation and maintenance of the 1 Jiangxi Police College,Nanchang, Jiangxi, China 298

2 network environment, and we must take effective methods to protect the security of network information. As an active defense technology, intrusion detection technology makes up the deficiency of traditional security technology. Intrusion detection system can monitor the computer and the network in real time, analyze and detect suspicious data. Intrusion detection, as an important part of the system security technology has been valued by many countries. Because the neural network has the characteristics of parallel processing, which can greatly improve the processing speed of the system and it is widely used in the field of computer science. In this paper, we apply the neural network and the greedy algorithm into the network security detection system. The theoretical basis of neural network and greedy algorithm are introduced in the following passages. The Proposed Methodology New Network Coding Technology. In the traditional computer network data transmission process, data will be transmitted through the router which can transmit data to different places according to the target address, and this approach limits the speed and efficiency of network transmission. Recently, by using the new network coding technology, a large amount of data can be transmitted at the same time, this will not generate data congestion problem. (a) (b) Figure 1. (a): Schematic diagram of network information transmission; (b): Schematic diagram of network coding information transmission. Compared with the traditional network information transmission process, the new network coding technology can transmit a large amount of data at the same time. Meanwhile, the new network coding technology has higher node security, and can prevent personal network information from virus attack and network hackers. The Characteristics of Network Coding Technology and its Impact on Information Security. In recent years, experts have used linear coding and algebraic coding in network coding technology. New network coding technology can improve the speed of data transmission and protect the security of network information at the same time. Higher efficiency of information transmission. It can affect the terminal user's working mode. Higher node security. Modified network anti-virus attack ability. 299

3 Network coding technology is a research topic which has been developing rapidly in recent ten years. Although it has not been applied into the actual communication network, it has attracted great attention. For instance, the US military has applied network coding technology into Mobile Ad Hoc Network. Therefore, we should catch up with the pace of development of the Internet technology, in order to further improve the network environment. Base on Neural Network. At present, a variety of neural network models have been proposed. In this paper, we apply BP neural network into network intrusion detection system. Due to the constant change of the hacker's attack methods and computer systems, no matter how we update the rule bank and pattern library, we are unable to precisely identify the change in attack behavior. The constant change of the network attack method requires strong flexibility of security system with simpler structure than expert system. There are usually two ways to apply neural network into intrusion detection system: Combine the neural network with the expert system or mode. In this way, neural network is used to filter suspicious information in data and transmit these information to expert system. This can reduce the false alarm of the expert system and improve the effectiveness of the detection system. Typically, an expert system reduces the false alarm rate by sacrificing sensitivity. Nevertheless, because the expert system only receives the suspicious event data transmitted from neural network, its sensitivity will increase greatly. The neural network is used as an independent feature detection system. In this structure, the neural network receives the data from the network, and analyses the data. Any event that is identified as a sign of attack will be transmitted to the security administrator or the automated intrusion response system. This method is faster than the previous method, because this structure has only a single analysis layer. The neural network can learn the characteristics of attack, and the utility of this kind of structure will be improved continuously. Compared with the first method, neural network-based method will not be limited by the analysis ability of expert system, and ultimately it will break the restrictions of rule-based expert system. Figure 2. Structure of Neural Network. 300

4 Based on Greedy Algorithm. Greedy algorithm is a kind of hierarchical processing method which can get the optimal solution. Greedy algorithm is not considered one question as a whole, because this method only figure out local optimal solution. The basic idea of the greedy algorithm is to choose the optimal solution from the initial solution of the problem. Each step only one data is considered, the selection rules of greedy algorithm should satisfy the conditions of local optimization. If the next data and partial optimal solutions are not feasible solution, this data is not added to the partial solution, until all the data are enumerated. The core problem of the greedy algorithm is to choose the best measure standard of the optimal solution, that is, the specific greedy strategy. Greedy algorithm is one of the most commonly used method in computer algorithm, and it can be used to solve the optimization problem. According to these characteristics of greedy algorithm, we can use it in the network intrusion detection system. From the overall point of view, greedy strategy without backtracking process can select the suspicious data from a large amount of data effectively. The basic idea of greedy algorithm: Establish a mathematical model to describe the problem. Divide one problem into several sub-problems. For each sub problem, the local optimal solution of the sub problem is obtained. Combine the local optimal solutions of sub-problems into one final solution. Proving the correctness of greedy nature is the real challenge of the greedy algorithm, because not every local optimal solution can be related to the global optimal solution. Greedy algorithm is a very common algorithm, although the final solution is not necessarily the optimal solution, but it can determine a feasible range for some problems. Greedy algorithm has the advantage of speed in the process of encoding, but its application area is relatively small. Figure 3. Structure of Greedy Algorithm. Network Security Evaluation Model. A complete network security assessment model is composed of the following parts: master control module, system configuration module, vulnerability database, service interface, information collection plug-in, service scan plug-in, vulnerability update plug-in, result analysis module, and output module. 301

5 For network security assessment, the main steps are as follows: System configuration, determining whether evaluation object need to update the vulnerability library or configure the necessary files. Information collection module collects the type of remote operating system, version and other information. Service scanning module scans the service provided by the target. Transmitting the information to the plug-in service interface. Result analysis module obtains attack results from database, and analyzes the data. Output module describes the results. Service interface records the attack results. Conclusion With the development of computer network, network information resources have brought great convenience to users. However, the security problems of computer network have become increasingly prominent, and the main threat is the invasion of the information system through the network. Focusing on this hot issue, in this paper, we apply the neural network and the greedy algorithm into the network security detection system. In recent years, a variety of neural network models have been proposed which are applied to network intrusion detection system in many developed countries. Greedy algorithm can figure out the optimal solution during encoding process, which is a very common algorithm, although the final solution is not necessarily the optimal solution, but it can determine a feasible range for some problems. Greedy algorithm has the advantage of speed in the process of encoding, and the basic idea of the greedy algorithm is to choose the optimal solution from the initial solution of the problem. Therefore, combining the advantages of these two algorithms, we apply these two algorithms to the network security intrusion detection system. In this paper, we analyze the theories of neural network and greedy algorithm, and introduce the evaluation model of network security system. Several applications and experiments show that the information security coding rule based on neural network and greedy algorithm can help network monitoring system better detect the network attacks. References [1] Burr, Geoffrey W., et al. "Experimental demonstration and tolerancing of a large-scale neural network ( Synapses) using phase-change memory as the synaptic weight element." IEEE Transactions on Electron Devices62.11 (2015): [2] Ge, Shuzhi Sam, et al. Stable adaptive neural network control. Vol. 13. Springer Science & Business Media, [3] Razavi, Behzad Saeedi. "Predicting the trend of land use changes using artificial neural network and markov chain model (case study: Kermanshah City)." Research Journal of Environmental and Earth Sciences 6.4 (2014): [4] Nigam, Vivek Prakash, and Daniel Graupe. "A neural-network-based detection of epilepsy." Neurological Research (2013). 302

6 [5] Snodin, Navaporn S. "The effects of blended learning with a CMS on the development of autonomous learning: A case study of different degrees of autonomy achieved by individual learners." Computers & Education 61 (2013): [6] Wang, Haoxiang, and Jingbin Wang. "An effective image representation method using kernel classification." 2014 IEEE 26th International Conference on Tools with Artificial Intelligence. IEEE, [7] Roy, Asim, et al. "Editorial Special Issue on Autonomous Learning." Neural Networks 41 (2013): 1-2. [8] Carey, Gemma, Scott Harrison, and Rachael Dwyer. "Encouraging reflective practice in conservatoire students: a pathway to autonomous learning?."music Education Research (2016): [9] Di Nuovo, Alessandro G., et al. "Autonomous learning in humanoid robotics through mental imagery." Neural Networks 41 (2013): [10] Zhao, Wanli. "Research on college English autonomous learning strategies based on the digital instructional platform." Theory and Practice in Language Studies 4.9 (2014):