摘要
针对海量多源异构的网络流量数据难以用传统的机器学习算法有效提取特征,分类效果差的问题,提出一种基于深度级联网络的入侵检测算法,利用神经网络自动学习特征的能力,将卷积神经网络和长短期记忆网络结合起来,同时提取流量数据的空间特征和时序特征,并采用softmax进行分类,提高模型的检测性能和泛化能力。最后将该算法在KDDCUP99数据集上进行验证,实验结果表明,该入侵检测模型相较于SVM、DBN等算法有更高的检测率,准确率可达95.39%,误报率仅0.96%,有效提高了入侵检测分类性能。
Aiming at the problem that traditional machine learning algorithms are difficult to effectively extract features from massive multi-source heterogeneous network traffic data,and the classification effect is poor,an intrusion detection algorithm based on deep cascaded network is proposed,which uses the ability of neural network to automatically learn features.Convolutional neural network(CNN)is combined with long short-term memory network(LSTM)to extract the spatial and temporal characteristics of traffic data at the same time.And softmax is used for classification to improve the detection performance and generalization ability of the model.Finally,the algorithm is verified on the KDDCUP99 data set.The experimental results show that the intrusion detection model has a higher detection rate than SVM,DBN and other algorithms,with an accuracy rate of 95.39%and a false alarm rate of only 0.96%,which effectively improves intrusion detection classification performance.
作者
郭卫霞
张伟
杨国玉
Guo Weixia;Zhang Wei;Yang Guoyu(China Datang Corporation Science and Technology Research Institute,Beijing 100043,China)
出处
《电子技术应用》
2021年第11期68-72,共5页
Application of Electronic Technique
关键词
入侵检测
特征提取
卷积神经网络
长短期记忆网络
intrusion detection
feature extraction
convolutional neural network(CNN)
long short-term memory(LSTM)
