面向样本不平衡的网络入侵检测方法  

Network intrusion detection for unbalanced samples

作  者:王肖 李大鹏[1] WANG Xiao;LI Dapeng(College of Telecommunications&Information Engineering,Nanjing University of Posts and Telecommunications,Nanjing Jiangsu 210003,China)

机构地区:[1]南京邮电大学通信与信息工程学院,江苏南京210003

出  处:《无线通信技术》2025年第1期6-12,共7页Wireless Communication Technology

基  金:国家自然科学基金项目(62371245)。

摘  要:针对当前网络入侵检测方法特征信息提取不足、网络异常流量样本数量不平衡导致入侵检测准确率低的问题,提出一种结合卷积神经网络(Convolutional Neural Network,CNN)、双向门控循环单元(Bidirectional Gated Recurrent Unit,BiGRU)与注意力机制的网络入侵检测方法。首先,对网络流量数据进行数据预处理;然后,通过一维卷积神经网络提取其局部特征,双向门控循环单元提取其长距离序列特征;最后,融合注意力机制使关键信息得到更好的表达。此外,引入Equalization Loss v2(EQL v2)作为损失函数对少数类样本进行加权,以解决网络流量样本不平衡的问题。在CICIDS2017数据集上的结果表明,所提方法能够有效改善原始数据集中的样本不平衡问题,提高对网络入侵的检测准确率和异常流量样本的检测能力。Aiming at the problems of insufficient feature information extraction and unbalanced number of network abnormal traffic samples leading to low intrusion detection accuracy in current network intrusion detection methods,a intrusion detection method combining Convolutional Neural Network(CNN)and Bidirectional Gated Recurrent Unit(BiGRU)and Attention mechanism is proposed.Firstly,the network traffic data is preprocessed.Then,the local features of traffic data are extracted by one-dimensional convolutional neural network and the long-distance sequence features are extracted by bidirectional gated recurrent unit.Finally,the attention mechanism is integrated to better express the key information.In addition,the EQL v2 algorithm is introduced to weight the minority samples to solve the problem of unbalanced network traffic samples.Experimental results on the CICIDS2017 dataset show that the proposed method can effectively improve the problem of unbalanced samples in the original dataset,enhance the detection accuracy of network intrusion and the detection ability of abnormal traffic samples.

关 键 词:网络入侵检测 样本不平衡 卷积神经网络 双向门控循环控制单元 注意力机制 

分 类 号:TP393[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象