Popis: |
Intrusion detection of network traffic is essential in the field of network security. The types of network traffic are diverse. Their attributes are highly correlated at the same time and are continuous in time. However, existing deep learning methods do not use them together for classification. The traditional intrusion detection methods that rely on manual extraction features have problems such as high false positive rate and low recognition performance. This paper proposes a deep learning method DeepIDN that uses the spatial and temporal features of data attributes to perform classification tasks and applies it to intrusion detection. DeepIDN uses a two-dimensional convolution operation to construct a convolutional neural network (CNN) layer to extract the association between data attributes and establish a spatial feature model. Then, by constructing a long short-term memory (LSTM) layer to extract time-related correlation between features, a relational model on time series is established. Finally, using the support vector machine as a classifier, the intrusion detection of network traffic is realized, and the prediction performance is greatly improved. Compared to traditional methods, DeepIDN does not require a lot of data preprocessing workload. The experimental results show that compared with the similar intrusion detection methods, the accuracy of DeepIDN for malicious network traffic judgment is significantly improved, reaching 98.66% training accuracy and 97.15% testing accuracy and higher robustness during the training and testing. |