基于深度学习的网络流量异常检测
首发时间:2020-03-30
摘要:为了提高网络入侵检测系统(IDS)的性能,将深度学习理论应用于流量异常检测,并研究出可以对特征进行自动提取和降维的深度神经网络模型。模型由自动编码器,带有门控循环单元(GRU)的循环神经网络和softmax模块组成。将KDD99作为主要研究数据集,利用独热编码对数据集的原始数据进行向量化,并利用自编码器对特征向量进行降维,然后利用循环神经网络的中的GRU网络进行特征学习,最后训练分类器模型进行检测。对比实验表明,该方法在检测精度高达99%的前提下,能够有效缩短训练时间,相较于直接学习特征向量的深度学习模型,可减少训练时间至50%以上。同时,GRU比LSTM更适合作为RNN的记忆单元,并证明它是LSTM的有效简化和改进。?????
For information in English, please click here
Network Anomaly Detection Based on Deep Learning
Abstract:In order to improve the performance of the network intrusion detection system (IDS), deep learning theory is applied to traffic anomaly detection, and a deep neural network model that can automatically extract and reduce dimensions of features is developed. The model consists of an automatic encoder, a recurrent neural network with a gated recurrent unit (GRU), and a softmax module. Using KDD99 as the main research data set, the original data of the data set is vectorized by using one-hot encoding, and the feature vector is reduced by using an autoencoder. Then, the GRU network in the recurrent neural network is used for feature learning and finally training The classifier model is detected. Comparative experiments show that the proposed method can effectively shorten the training time on the premise that the detection accuracy is as high as 99%, and can reduce the training time to more than 50% compared to the deep learning model that directly learns the feature vector. At the same time, GRU is more suitable than LSTM as the memory unit of RNN, and proves that it is an effective simplification and improvement of LSTM.?????
Keywords: Deep Learning Anomaly GRU
基金:
引用
No.****
同行评议
勘误表
基于深度学习的网络流量异常检测
评论
全部评论0/1000