Western-OC2-Lab/AutoML-and-Adversarial-Attack-Defense-for-Zero-Touch-Network-Security

# 用于零接触网络安全的 AutoML 和对抗攻击防御 本仓库包含发表于 IEEE Transactions on Network and Service Management 的论文 "[Enabling AutoML for Zero-Touch Network Security: Use-Case Driven Analysis](https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10472316)" 中介绍的基于 AutoML 的 IDS（入侵检测系统）和对抗攻击防御案例研究的代码。 该论文可在以下公开渠道获取： * Techrxiv: [Enabling AutoML for Zero-Touch Network Security: Use-Case Driven Analysis](https://www.techrxiv.org/users/692878/articles/682818-diving-into-zero-touch-network-security-use-case-driven-analysis) * arXiv: [Enabling AutoML for Zero-Touch Network Security: Use-Case Driven Analysis](https://arxiv.org/abs/2502.21286) 该代码是对全面的 **Automated Machine Learning (AutoML)** 教程代码的扩展，相关教程代码可在以下位置找到：[AutoML-Implementation-for-Static-and-Dynamic-Data-Analytics](https://github.com/Western-OC2-Lab/AutoML-Implementation-for-Static-and-Dynamic-Data-Analytics) * 包括 **自动数据预处理、自动特征工程、自动模型选择、超参数优化和自动模型更新**（概念漂移适应）。 * 适用于静态和动态网络环境下的网络安全和入侵检测系统开发。 ## AutoML 流程与步骤 1. 自动数据预处理 2. 自动特征工程 3. 自动模型选择 4. 超参数优化 5. 自动模型更新（用于解决概念漂移，仅适用于在线学习和数据流分析）

## 对抗机器学习（AML）攻击与防御

## 实现方式 * 用于 **静态/批处理数据分析** 的基于 AutoML 的离线 IDS 实现可在 [AutoML-based_IDS_Batch_Learning_Dataset_1.ipynb](https://github.com/Western-OC2-Lab/AutoML-and-Adversarial-Attack-Defense-for-Zero-Touch-Network-Security/blob/main/AutoML-based_IDS_Batch_Learning_Dataset_1.ipynb) 和 [AutoML-based_IDS_Batch_Learning_Dataset_2.ipynb](https://github.com/Western-OC2-Lab/AutoML-and-Adversarial-Attack-Defense-for-Zero-Touch-Network-Security/blob/main/AutoML-based_IDS_Batch_Learning_Dataset_2.ipynb) 中找到 * 用于 **动态/在线数据流分析** 的基于 AutoML 的在线 IDS 实现可在 [AutoML-based_IDS_Online_Learning_Dataset_1.ipynb](https://github.com/Western-OC2-Lab/AutoML-and-Adversarial-Attack-Defense-for-Zero-Touch-Network-Security/blob/main/AutoML-based_IDS_Online_Learning_Dataset_1.ipynb) 和 [AutoML-based_IDS_Online_Learning_Dataset_2.ipynb](https://github.com/Western-OC2-Lab/AutoML-and-Adversarial-Attack-Defense-for-Zero-Touch-Network-Security/blob/main/AutoML-based_IDS_Online_Learning_Dataset_2.ipynb) 中找到 * AML 攻击和防御实现可在 [AML_Attack_and_Defense_Dataset_1.ipynb](https://github.com/Western-OC2-Lab/AutoML-and-Adversarial-Attack-Defense-for-Zero-Touch-Network-Security/blob/main/AML_Attack_and_Defense_Dataset_1.ipynb) 和 [AML_Attack_and_Defense_Dataset_2.ipynb](https://github.com/Western-OC2-Lab/AutoML-and-Adversarial-Attack-Defense-for-Zero-Touch-Network-Security/blob/main/AML_Attack_and_Defense_Dataset_2.ipynb) 中找到 ### 静态机器学习与深度学习算法 * Random forest (RF) * LightGBM * K-nearest neighbor (KNN) * Artificial Neural Networks (ANN) ### 动态/在线学习算法 * Hoeffding Tree (HT) * K Nearest Neighbors-Adaptive Windowing (KNN-ADWIN) * Adaptive Random Forest (ARF) * Streaming Random Patches (SRP) ### 优化/AutoML 算法 * Grid search * Bayesian Optimization with Tree-structured Parzen Estimator (BO-TPE) * Particle Swarm Optimization (PSO) ### AML 攻击 * Decision Tree Attack (DTA) * Fast Gradient Sign Method (FGSM) * Basic Iterative Method (BIM) ### AML 防御方法 * Adversarial Sample Detection * Adversarial Sample Filtering/Removal ### 数据集 1. CICIDS2017 数据集，一种用于入侵检测问题的流行网络流量数据集 * 公开获取地址：https://www.unb.ca/cic/datasets/ids-2017.html 2. 5G-NIDD 数据集，一种最先进的 5G 网络安全数据集 * 公开获取地址：https://ieee-dataport.org/documents/5g-nidd-comprehensive-network-intrusion-detection-dataset-generated-over-5g-wireless ### 环境要求 * Python 3.6+ * [Keras](https://keras.io/) * [scikit-learn](https://scikit-learn.org/stable/) * [hyperopt](https://github.com/hyperopt/hyperopt) * [optunity](https://github.com/claesenm/optunity) * [LightGBM](https://lightgbm.readthedocs.io/en/latest/) * [River](https://riverml.xyz/dev/) * [Adversarial Robustness Toolbox (ART)](https://github.com/Trusted-AI/adversarial-robustness-toolbox) ## 联系方式 如有任何问题或合作机会，请随时联系我。我很乐意提供帮助。 * 邮箱: [liyanghart@gmail.com](mailto:liyanghart@gmail.com) * GitHub: [LiYangHart](https://github.com/LiYangHart) 和 [Western OC2 Lab](https://github.com/Western-OC2-Lab/) * LinkedIn: [Li Yang](https://www.linkedin.com/in/li-yang-phd-65a190176/) * Google Scholar: [Li Yang](https://scholar.google.com.eg/citations?user=XEfM7bIAAAAJ&hl=en) ## 引用 如果您在研究中发现本仓库有用，请按以下格式引用该文章： L. Yang, M. E. Rajab, A. Shami and S. Muhaidat, "Enabling AutoML for Zero-Touch Network Security: Use-Case Driven Analysis," in IEEE Transactions on Network and Service Management, vol. 21, no. 3, pp. 3555-3582, June 2024, doi: 10.1109/TNSM.2024.3376631. ``` @ARTICLE{10472316, author={Yang, Li and Rajab, Mirna El and Shami, Abdallah and Muhaidat, Sami}, journal={IEEE Transactions on Network and Service Management}, title={Enabling AutoML for Zero-Touch Network Security: Use-Case Driven Analysis}, year={2024}, volume={21}, number={3}, pages={3555-3582}, keywords={Security;Automation;Surveys;Computer security;Optimization;Network security;Data models;Zero-touch networks;6G network;AutoML;adversarial attacks;cybersecurity;intrusion detection system;network automation}, doi={10.1109/TNSM.2024.3376631}} ```

标签：AutoML, IEEE TNSM, 入侵检测系统, 动态网络环境, 在线学习, 安全数据湖, 对抗性攻击防御, 数据预处理, 概念漂移, 模型选择, 特征工程, 网络安全, 自动化机器学习, 论文复现, 超参数优化, 逆向工具, 隐私保护, 零接触网络安全