Network Anomaly Detection Based on Deep Learning

• 1、Institute of network technology, Beijing University of Posts and Telecommunications, Beijing 100876
• 2、School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876

Abstract：In order to improve the performance of the network intrusion detection system (IDS), deep learning theory is applied to traffic anomaly detection, and a deep neural network model that can automatically extract and reduce dimensions of features is developed. The model consists of an automatic encoder, a recurrent neural network with a gated recurrent unit (GRU), and a softmax module. Using KDD99 as the main research data set, the original data of the data set is vectorized by using one-hot encoding, and the feature vector is reduced by using an autoencoder. Then, the GRU network in the recurrent neural network is used for feature learning and finally training The classifier model is detected. Comparative experiments show that the proposed method can effectively shorten the training time on the premise that the detection accuracy is as high as 99%, and can reduce the training time to more than 50% compared to the deep learning model that directly learns the feature vector. At the same time, GRU is more suitable than LSTM as the memory unit of RNN, and proves that it is an effective simplification and improvement of LSTM.?????

Keywords： Deep Learning Anomaly GRU