摘要
针对低速率入侵,常规的入侵检测方法能力不足,虚警率、漏警率偏高。为保证网络安全,提出一种基于混合神经网络模型的低速率网络入侵检测方法。利用NetFlow技术采集网络流量数据,对网络流量数据进行过滤和图像化处理。搭建由卷积神经网络和人工神经网络构成的混合神经网络模型,利用卷积神经网络提取网络流量数据的图像提取特征,利用人工神经网络检测网络入侵类型。结果表明:提出方法的虚警率、漏警率低于Transformer入侵检测方法、栈式自编码-长短期记忆(SAE-LSTM)检测方法和萤火虫优化(GSO)-基分类器检测方法,尤其在入侵速率更低(2 Mb/s)的情况下,所表现出的检测能力更为突出,说明针对低速率网络入侵问题,基于混合神经网络模型的检测方法的检测能力更强,检测结果更为准确。
For low-rate intrusions,conventional intrusion detection methods have insufficient capabilities,and the false alarm rate and missing rate are high.To ensure network security,a low-rate network intrusion detection method based on a hybrid neural network model was proposed.The NetFlow technology was used to collect network traffic data,and the network traffic data was filtered and processed graphically.A hybrid neural network model composed of convolutional neural networks and artificial neural networks was constructed.Convolutional neural networks were used to extract features from network traffic data images,and artificial neural networks were used to detect network intrusion types.The results show that the false alarm rate and missing alarm rate of the proposed method are lower than Transformer intrusion detection method,SAE-LSTM detection method and GSO-base classifier detection method,especially in the case of lower intrusion rates(2 Mb/s),the detection ability is more prominent,which indicating that the detection method based on hybrid neural network model is more powerful and more accurate for low-rate network intrusion.
作者
刘珊珊
李根
管艺博
LIU Shanshan;LI Gen;GUAN Yibo(School of Information Technology,Guangdong College of Finance and Trade,Guangzhou 510000,China;School of Artificial Intelligence and Big Data,Guangdong Business and Technology University,Zhaoqing 526040,China;School of Computing,Guangdong Business and Technology University,Zhaoqing 526040,China)
出处
《成都工业学院学报》
2024年第1期52-56,共5页
Journal of Chengdu Technological University
基金
广东省教育厅青年创新人才项目(2022WQNCX107)。
关键词
混合神经网络模型
卷积神经网络
人工神经网络
低速率入侵
网络流量数据
入侵检测方法
hybrid neural network model
convolutional neural network
artificial neural network
low-rate intrusion
network traffic data
intrusion detection methods
