基于改进LSTM的网络入侵检测方法  

作　　者：黄亮[1] 陶达[1] 王秀木 刘静闻 刘也凡 HUANG Liang;TAO Da;WANG Xiumu;LIU Jingwen;LIU Yefan(Seismological Bureau of Liaoning Province,Shenyang 110031,China)

机构地区：[1]辽宁省地震局,沈阳110031

出　　处：《计算机测量与控制》2025年第2期63-70,共8页Computer Measurement &Control

摘　　要：随着网络数据的增加,以及黑客技术的不断发展,网络入侵检测技术的精度以及效率需要进一步提升;针对此问题,提出一种基于逃避网络数据和改进长短时记忆网络的网络入侵检测模型;该模型将黑客入侵过程中产生的异常数据作为训练集和测试集;之后利用麻雀优化算法改进长短时记忆网络模型,并将其与卷积神经网络结合,通过强化学习进一步提升模型的检测精度;实验结果表明,基于改进长短时记忆网络的入侵检测模型的检测准确率达到了98.51%,且响应时间仅为0.84 s,漏报率和误报率分别为1.23%和0.36%;该网络入侵检测模型能够实现高效的网络入侵检测,实时保障网络安全,实现网络入侵防御,为网络安全提供可靠的技术支持;该方法在网络攻防领域具有积极意义,为相关领域研究提供了新的思路。With the increase of network data and the continuous development of hacker technology,network intrusion detection technology needs to further improve its accuracy and efficiency.To address this issue,a network intrusion detection model based on evading network data and improving long short-term memory(LSTM)network is proposed.This model uses the abnormal data generated during the hacker intrusion process as the training and testing sets.Afterwards,sparrow optimization algorithm(SSA)is used to improve the LSTM network model,which is combined with convolutional neural network(CNN)to further enhance the detection accuracy of the model through reinforcement learning.Experimental results show that the detection accuracy of the intrusion detection model based on the improved LSTM network reaches up to 98.51%,the response time is only 0.84s,and the missed and false alarm rates are 1.23%and 0.36%,respectively.This network intrusion detection model can effectively detects network intrusions,ensure real-time network security,realize network intrusion defense,and provide a reliable technical support for network security,which is of great significance in the field of network attack and defense,providing new ideas for research in related fields.

关 键 词：逃避行为 网络入侵 检测 LSTM SSA算法 CNN 强化学习 

分 类 号：TP393[自动化与计算机技术—计算机应用技术]