黄璇丽,李成明,姜青山.基于深度学习的网络流时空特征自动提取方法[J].集成技术,2020,(2):60-69
基于深度学习的网络流时空特征自动提取方法
A Deep Learning-Based Spatio-Temporal Features Extraction Methodfor Network Flow
  
DOI:10.12146/j.issn.2095-3135.20191231002
中文关键词:  网络流量;网络入侵检测;卷积神经网络;循环神经网络;时空特征提取
英文关键词:network traffic; network intrusion detection; convolution neural networks; recurrent neural networks; spatio-temporal features extraction
基金项目:广东省重点领域研发计划项目(2019B0101137002);深圳市基础研究项目(JCYJ20180302145607677)
作者单位
黄璇丽 中国科学院深圳先进技术研究院 深圳 518055;中国科学院大学深圳先进技术学院 深圳 518055 
李成明 中国科学院深圳先进技术研究院 深圳 518055 
姜青山 中国科学院深圳先进技术研究院 深圳 518055 
摘要点击次数: 83
全文下载次数: 149
中文摘要:
      流量异常检测是网络入侵检测的主要途径之一,也是网络安全领域的一个热门研究方向。通过对网络流量进行实时监控,可及时有效地对网络异常进行预警。目前,网络流量异常检测方法主要分为基于规则和基于特征工程的方法,但现有方法需针对网络流量特征的变化需重新人工收集规则或 构造特征,工作量大且繁杂。为解决上述问题,该文提出一种基于卷积神经网络和循环神经网络的深度学习方法来自动提取网络流量的时空特征,可同时提取不同数据包之间的时序特征和同一数据包内字节流的空间特征,并减少了大量的人工工作。在 MAWILab 网络轨迹数据集上进行的验证分析结果表明,该文所提出的网络流时空特征提取方法优于已有的深度表示学习方法。
英文摘要:
      Network intrusion detection is one of the core research areas of cyber security. Network traffic anomaly detection is common in network intrusion detection systems. Through monitoring the network traffic, network intrusion detection systems can effectively track anomalous traffic and then give out alerts. This research area has developed for decades and the conventional methods for network intrusion detection systems include rule-based and feature engineering based methods. However, the changing features of network traffic require the methods to continuously gather new rules and generate new features, which results in a labor-intensive workload and comparatively poor quality of features engineering. To solve this problem, a deep learning-based spatial-temporal features extraction method was proposed. It includes convolution neural networks and long short term memory neural networks to learn the spatial-temporal features of network raw traffic. This method is tested on the MAWILab network traces data to evaluate its effectiveness. Multi-layer perception, convolution neural networks alone and long short term memory are used for comparison with the proposed approach. The features generated by these methods are used to classify the traffic, which can assess the performance of the feature extraction process of each method. Experiments show that the proposed method outperforms other methods in its effectiveness of spatial-temporal features extraction.
查看全文  查看/发表评论  下载PDF阅读器
关闭
微信关注二维码 用微信扫一扫 用微信扫一扫 用微信扫一扫

美女

美女图片

美女

美女图片