In network traffic classification,it is important to understand the correlation between network traffic and its causal application,protocol,or service group,for example,in facilitating lawful interception,ensuring the...In network traffic classification,it is important to understand the correlation between network traffic and its causal application,protocol,or service group,for example,in facilitating lawful interception,ensuring the quality of service,preventing application choke points,and facilitating malicious behavior identification.In this paper,we review existing network classification techniques,such as port-based identification and those based on deep packet inspection,statistical features in conjunction with machine learning,and deep learning algorithms.We also explain the implementations,advantages,and limitations associated with these techniques.Our review also extends to publicly available datasets used in the literature.Finally,we discuss existing and emerging challenges,as well as future research directions.展开更多
Network traffic identification is critical for maintaining network security and further meeting various demands of network applications.However,network traffic data typically possesses high dimensionality and complexi...Network traffic identification is critical for maintaining network security and further meeting various demands of network applications.However,network traffic data typically possesses high dimensionality and complexity,leading to practical problems in traffic identification data analytics.Since the original Dung Beetle Optimizer(DBO)algorithm,Grey Wolf Optimization(GWO)algorithm,Whale Optimization Algorithm(WOA),and Particle Swarm Optimization(PSO)algorithm have the shortcomings of slow convergence and easily fall into the local optimal solution,an Improved Dung Beetle Optimizer(IDBO)algorithm is proposed for network traffic identification.Firstly,the Sobol sequence is utilized to initialize the dung beetle population,laying the foundation for finding the global optimal solution.Next,an integration of levy flight and golden sine strategy is suggested to give dung beetles a greater probability of exploring unvisited areas,escaping from the local optimal solution,and converging more effectively towards a global optimal solution.Finally,an adaptive weight factor is utilized to enhance the search capabilities of the original DBO algorithm and accelerate convergence.With the improvements above,the proposed IDBO algorithm is then applied to traffic identification data analytics and feature selection,as so to find the optimal subset for K-Nearest Neighbor(KNN)classification.The simulation experiments use the CICIDS2017 dataset to verify the effectiveness of the proposed IDBO algorithm and compare it with the original DBO,GWO,WOA,and PSO algorithms.The experimental results show that,compared with other algorithms,the accuracy and recall are improved by 1.53%and 0.88%in binary classification,and the Distributed Denial of Service(DDoS)class identification is the most effective in multi-classification,with an improvement of 5.80%and 0.33%for accuracy and recall,respectively.Therefore,the proposed IDBO algorithm is effective in increasing the efficiency of traffic identification and solving the problem of the original DBO algorithm that converges slowly and falls into the local optimal solution when dealing with high-dimensional data analytics and feature selection for network traffic identification.展开更多
With the increasing dimensionality of network traffic,extracting effective traffic features and improving the identification accuracy of different intrusion traffic have become critical in intrusion detection systems(...With the increasing dimensionality of network traffic,extracting effective traffic features and improving the identification accuracy of different intrusion traffic have become critical in intrusion detection systems(IDS).However,both unsupervised and semisupervised anomalous traffic detection methods suffer from the drawback of ignoring potential correlations between features,resulting in an analysis that is not an optimal set.Therefore,in order to extract more representative traffic features as well as to improve the accuracy of traffic identification,this paper proposes a feature dimensionality reduction method combining principal component analysis and Hotelling’s T^(2) and a multilayer convolutional bidirectional long short-term memory(MSC_BiLSTM)classifier model for network traffic intrusion detection.This method reduces the parameters and redundancy of the model by feature extraction and extracts the dependent features between the data by a bidirectional long short-term memory(BiLSTM)network,which fully considers the influence between the before and after features.The network traffic is first characteristically downscaled by principal component analysis(PCA),and then the downscaled principal components are used as input to Hotelling’s T^(2) to compare the differences between groups.For datasets with outliers,Hotelling’s T^(2) can help identify the groups where the outliers are located and quantitatively measure the extent of the outliers.Finally,a multilayer convolutional neural network and a BiLSTM network are used to extract the spatial and temporal features of network traffic data.The empirical consequences exhibit that the suggested approach in this manuscript attains superior outcomes in precision,recall and F1-score juxtaposed with the prevailing techniques.The results show that the intrusion detection accuracy,precision,and F1-score of the proposed MSC_BiLSTM model for the CIC-IDS 2017 dataset are 98.71%,95.97%,and 90.22%.展开更多
While encryption technology safeguards the security of network communications,malicious traffic also uses encryption protocols to obscure its malicious behavior.To address the issues of traditional machine learning me...While encryption technology safeguards the security of network communications,malicious traffic also uses encryption protocols to obscure its malicious behavior.To address the issues of traditional machine learning methods relying on expert experience and the insufficient representation capabilities of existing deep learning methods for encrypted malicious traffic,we propose an encrypted malicious traffic classification method that integrates global semantic features with local spatiotemporal features,called BERT-based Spatio-Temporal Features Network(BSTFNet).At the packet-level granularity,the model captures the global semantic features of packets through the attention mechanism of the Bidirectional Encoder Representations from Transformers(BERT)model.At the byte-level granularity,we initially employ the Bidirectional Gated Recurrent Unit(BiGRU)model to extract temporal features from bytes,followed by the utilization of the Text Convolutional Neural Network(TextCNN)model with multi-sized convolution kernels to extract local multi-receptive field spatial features.The fusion of features from both granularities serves as the ultimate multidimensional representation of malicious traffic.Our approach achieves accuracy and F1-score of 99.39%and 99.40%,respectively,on the publicly available USTC-TFC2016 dataset,and effectively reduces sample confusion within the Neris and Virut categories.The experimental results demonstrate that our method has outstanding representation and classification capabilities for encrypted malicious traffic.展开更多
Urban traffic control is a multifaceted and demanding task that necessitates extensive decision-making to ensure the safety and efficiency of urban transportation systems.Traditional approaches require traffic signal ...Urban traffic control is a multifaceted and demanding task that necessitates extensive decision-making to ensure the safety and efficiency of urban transportation systems.Traditional approaches require traffic signal professionals to manually intervene on traffic control devices at the intersection level,utilizing their knowledge and expertise.However,this process is cumbersome,labor-intensive,and cannot be applied on a large network scale.Recent studies have begun to explore the applicability of recommendation system for urban traffic control,which offer increased control efficiency and scalability.Such a decision recommendation system is complex,with various interdependent components,but a systematic literature review has not yet been conducted.In this work,we present an up-to-date survey that elucidates all the detailed components of a recommendation system for urban traffic control,demonstrates the utility and efficacy of such a system in the real world using data and knowledgedriven approaches,and discusses the current challenges and potential future directions of this field.展开更多
Traffic prediction already plays a significant role in applications like traffic planning and urban management,but it is still difficult to capture the highly non-linear and complicated spatiotemporal correlations of ...Traffic prediction already plays a significant role in applications like traffic planning and urban management,but it is still difficult to capture the highly non-linear and complicated spatiotemporal correlations of traffic data.As well as to fulfil both long-termand short-termprediction objectives,a better representation of the temporal dependency and global spatial correlation of traffic data is needed.In order to do this,the Spatiotemporal Graph Neural Network(S-GNN)is proposed in this research as amethod for traffic prediction.The S-GNN simultaneously accepts various traffic data as inputs and investigates the non-linear correlations between the variables.In terms of modelling,the road network is initially represented as a spatiotemporal directed graph,with the features of the samples at the time step being captured by a convolution module.In order to assign varying attention weights to various adjacent area nodes of the target node,the adjacent areas information of nodes in the road network is then aggregated using a graph network.The data is output using a fully connected layer at the end.The findings show that S-GNN can improve short-and long-term traffic prediction accuracy to a greater extent;in comparison to the control model,the RMSE of S-GNN is reduced by about 0.571 to 9.288 and the MAE(Mean Absolute Error)by about 0.314 to 7.678.The experimental results on two real datasets,Pe MSD7(M)and PEMS-BAY,also support this claim.展开更多
This paper investigates the impacts of a bus holding strategy on the mutual interference between buses and passenger cars in a non-dedicated bus route,as well as the impacts on the characteristics of pollutant emissio...This paper investigates the impacts of a bus holding strategy on the mutual interference between buses and passenger cars in a non-dedicated bus route,as well as the impacts on the characteristics of pollutant emissions of passenger cars.The dynamic behaviors of these two types of vehicles are described using cellular automata(CA)models under open boundary conditions.Numerical simulations are carried out to obtain the phase diagrams of the bus system and the trajectories of buses and passenger cars before and after the implementation of the bus holding strategy under different probabilities of passenger cars entering a two-lane mixed traffic system.Then,we analyze the flow rate,satisfaction rate,and pollutant emission rates of passenger cars together with the performance of a mixed traffic system.The results show that the bus holding strategy can effectively alleviate bus bunching,whereas it has no significant impact on the flow rate and pollutant emission rates of passenger cars;the flow rate,satisfaction rate,and pollutant emission rates of passenger cars for either the traffic system or for each lane are influenced by the bus departure interval and the number of passengers arriving at bus stops.展开更多
Low-Earth Orbit Satellite Constellations(LEO-SCs)provide global,high-speed,and low latency Internet access services,which bridges the digital divide in the remote areas.As inter-satellite links are not supported in in...Low-Earth Orbit Satellite Constellations(LEO-SCs)provide global,high-speed,and low latency Internet access services,which bridges the digital divide in the remote areas.As inter-satellite links are not supported in initial deployment(i.e.the Starlink),the communication between satellites is based on ground stations with radio frequency signals.Due to the rapid movement of satellites,this hybrid topology of LEO-SCs and ground stations is time-varying,which imposes a major challenge to uninterrupted service provisioning and network management.In this paper,we focus on solving two notable problems in such a ground station-assisted LEO-SC topology,i.e.,traffic engineering and fast reroute,to guarantee that the packets are forwarded in a balanced and uninterrupted manner.Specifically,we employ segment routing to support the arbitrary path routing in LEO-SCs.To solve the traffic engineering problem,we proposed two source routings with traffic splitting algorithms,Delay-Bounded Traffic Splitting(DBTS)and DBTS+,where DBTS equally splits a flow and DBTS+favors shorter paths.Simu-lation results show that DBTS+can achieve about 30%lower maximum satellite load at the cost of about 10%more delay.To guarantee the fast recovery of failures,two fast reroute mechanisms,Loop-Free Alternate(LFA)and LFA+,are studied,where LFA pre-computes an alternate next-hop as a backup while LFA+finds a 2-segment backup path.We show that LFA+can increase the percentage of protection coverage by about 15%.展开更多
In the rapidly evolving field of cybersecurity,the challenge of providing realistic exercise scenarios that accurately mimic real-world threats has become increasingly critical.Traditional methods often fall short in ...In the rapidly evolving field of cybersecurity,the challenge of providing realistic exercise scenarios that accurately mimic real-world threats has become increasingly critical.Traditional methods often fall short in capturing the dynamic and complex nature of modern cyber threats.To address this gap,we propose a comprehensive framework designed to create authentic network environments tailored for cybersecurity exercise systems.Our framework leverages advanced simulation techniques to generate scenarios that mirror actual network conditions faced by professionals in the field.The cornerstone of our approach is the use of a conditional tabular generative adversarial network(CTGAN),a sophisticated tool that synthesizes realistic synthetic network traffic by learning fromreal data patterns.This technology allows us to handle technical components and sensitive information with high fidelity,ensuring that the synthetic data maintains statistical characteristics similar to those observed in real network environments.By meticulously analyzing the data collected from various network layers and translating these into structured tabular formats,our framework can generate network traffic that closely resembles that found in actual scenarios.An integral part of our process involves deploying this synthetic data within a simulated network environment,structured on software-defined networking(SDN)principles,to test and refine the traffic patterns.This simulation not only facilitates a direct comparison between the synthetic and real traffic but also enables us to identify discrepancies and refine the accuracy of our simulations.Our initial findings indicate an error rate of approximately 29.28%between the synthetic and real traffic data,highlighting areas for further improvement and adjustment.By providing a diverse array of network scenarios through our framework,we aim to enhance the exercise systems used by cybersecurity professionals.This not only improves their ability to respond to actual cyber threats but also ensures that the exercise is cost-effective and efficient.展开更多
Mature osteoclasts degrade bone matrix by exocytosis of active proteases from secretory lysosomes through a ruffled border.However,the molecular mechanisms underlying lysosomal trafficking and secretion in osteoclasts...Mature osteoclasts degrade bone matrix by exocytosis of active proteases from secretory lysosomes through a ruffled border.However,the molecular mechanisms underlying lysosomal trafficking and secretion in osteoclasts remain largely unknown.Here,we show with GeneChip analysis that RUN and FYVE domain-containing protein 4(RUFY4)is strongly upregulated during osteoclastogenesis.Mice lacking Rufy4 exhibited a high trabecular bone mass phenotype with abnormalities in osteoclast function in vivo.Furthermore,deleting Rufy4 did not affect osteoclast differentiation,but inhibited bone-resorbing activity due to disruption in the acidic maturation of secondary lysosomes,their trafficking to the membrane,and their secretion of cathepsin K into the extracellular space.Mechanistically,RUFY4 promotes late endosome-lysosome fusion by acting as an adaptor protein between Rab7 on late endosomes and LAMP2 on primary lysosomes.Consequently,Rufy4-deficient mice were highly protected from lipopolysaccharide-and ovariectomy-induced bone loss.Thus,RUFY4 plays as a new regulator in osteoclast activity by mediating endo-lysosomal trafficking and have a potential to be specific target for therapies against bone-loss diseases such as osteoporosis.展开更多
VPNs are vital for safeguarding communication routes in the continually changing cybersecurity world.However,increasing network attack complexity and variety require increasingly advanced algorithms to recognize and c...VPNs are vital for safeguarding communication routes in the continually changing cybersecurity world.However,increasing network attack complexity and variety require increasingly advanced algorithms to recognize and categorizeVPNnetwork data.We present a novelVPNnetwork traffic flowclassificationmethod utilizing Artificial Neural Networks(ANN).This paper aims to provide a reliable system that can identify a virtual private network(VPN)traffic fromintrusion attempts,data exfiltration,and denial-of-service assaults.We compile a broad dataset of labeled VPN traffic flows from various apps and usage patterns.Next,we create an ANN architecture that can handle encrypted communication and distinguish benign from dangerous actions.To effectively process and categorize encrypted packets,the neural network model has input,hidden,and output layers.We use advanced feature extraction approaches to improve the ANN’s classification accuracy by leveraging network traffic’s statistical and behavioral properties.We also use cutting-edge optimizationmethods to optimize network characteristics and performance.The suggested ANN-based categorization method is extensively tested and analyzed.Results show the model effectively classifies VPN traffic types.We also show that our ANN-based technique outperforms other approaches in precision,recall,and F1-score with 98.79%accuracy.This study improves VPN security and protects against new cyberthreats.Classifying VPNtraffic flows effectively helps enterprises protect sensitive data,maintain network integrity,and respond quickly to security problems.This study advances network security and lays the groundwork for ANN-based cybersecurity solutions.展开更多
Dear Editor,This letter puts forward a novel scalable temporal dimension preserved tensor completion model based on orthogonal initialization for missing traffic data(MTD)imputation.The MTD imputation acts directly on...Dear Editor,This letter puts forward a novel scalable temporal dimension preserved tensor completion model based on orthogonal initialization for missing traffic data(MTD)imputation.The MTD imputation acts directly on accessing the traffic state,and affects the traffic management.展开更多
The consensus of the automotive industry and traffic management authorities is that autonomous vehicles must follow the same traffic laws as human drivers.Using formal or digital methods,natural language traffic rules...The consensus of the automotive industry and traffic management authorities is that autonomous vehicles must follow the same traffic laws as human drivers.Using formal or digital methods,natural language traffic rules can be translated into machine language and used by autonomous vehicles.In this paper,a translation flow is designed.Beyond the translation,a deeper examination is required,because the semantics of natural languages are rich and complex,and frequently contain hidden assumptions.The issue of how to ensure that digital rules are accurate and consistent with the original intent of the traffic rules they represent is both significant and unresolved.In response,we propose a method of formal verification that combines equivalence verification with model checking.Reasonable and reassuring digital traffic rules can be obtained by utilizing the proposed traffic rule digitization flow and verification method.In addition,we offer a number of simulation applications that employ digital traffic rules to assess vehicle violations.The experimental findings indicate that our digital rules utilizing metric temporal logic(MTL)can be easily incorporated into simulation platforms and autonomous driving systems(ADS).展开更多
As a common transportation facility, speed humps can control the speed of vehicles on special road sections to reduce traffic risks. At the same time, they also cause instantaneous traffic emissions. Based on the clas...As a common transportation facility, speed humps can control the speed of vehicles on special road sections to reduce traffic risks. At the same time, they also cause instantaneous traffic emissions. Based on the classic instantaneous traffic emission model and the limited deceleration capacity microscopic traffic flow model with slow-to-start rules, this paper has investigated the impact of speed humps on traffic flow and the instantaneous emissions of vehicle pollutants in a single lane situation. The numerical simulation results have shown that speed humps have significant effects on traffic flow and traffic emissions. In a free-flow region, the increase of speed humps leads to the continuous rise of CO_(2), NO_(X) and PM emissions. Within some density ranges, one finds that these pollutant emissions can evolve into some higher values under some random seeds. Under other random seeds, they can evolve into some lower values. In a wide moving jam region, the emission values of these pollutants sometimes appear as continuous or intermittent phenomenon. Compared to the refined Na Sch model, the present model has lower instantaneous emissions such as CO_(2), NO_(X) and PM and higher volatile organic components(VOC) emissions. Compared to the limited deceleration capacity model without slow-to-start rules, the present model also has lower instantaneous emissions such as CO_(2), NO_(X) and PM and higher VOC emissions in a wide moving jam region. These results can also be confirmed or explained by the statistical values of vehicle velocity and acceleration.展开更多
Accurate forecasting of traffic flow provides a powerful traffic decision-making basis for an intelligent transportation system. However, the traffic data's complexity and fluctuation, as well as the noise produce...Accurate forecasting of traffic flow provides a powerful traffic decision-making basis for an intelligent transportation system. However, the traffic data's complexity and fluctuation, as well as the noise produced during collecting information and summarizing original data of traffic flow, cause large errors in the traffic flow forecasting results. This article suggests a solution to the above mentioned issues and proposes a fully connected time-gated neural network based on wavelet reconstruction(WT-FCTGN). To eliminate the potential noise and strengthen the potential traffic trend in the data, we adopt the methods of wavelet reconstruction and periodic data introduction to preprocess the data. The model introduces fully connected time-series blocks to model all the information including time sequence information and fluctuation information in the flow of traffic, and establishes the time gate block to comprehend the periodic characteristics of the flow of traffic and predict its flow. The performance of the WT-FCTGN model is validated on the public Pe MS data set. The experimental results show that the WT-FCTGN model has higher accuracy, and its mean absolute error(MAE), mean absolute percentage error(MAPE) and root mean square error(RMSE) are obviously lower than those of the other algorithms. The robust experimental results prove that the WT-FCTGN model has good anti-noise ability.展开更多
Traffic in today’s cities is a serious problem that increases travel times,negatively affects the environment,and drains financial resources.This study presents an Artificial Intelligence(AI)augmentedMobile Ad Hoc Ne...Traffic in today’s cities is a serious problem that increases travel times,negatively affects the environment,and drains financial resources.This study presents an Artificial Intelligence(AI)augmentedMobile Ad Hoc Networks(MANETs)based real-time prediction paradigm for urban traffic challenges.MANETs are wireless networks that are based on mobile devices and may self-organize.The distributed nature of MANETs and the power of AI approaches are leveraged in this framework to provide reliable and timely traffic congestion forecasts.This study suggests a unique Chaotic Spatial Fuzzy Polynomial Neural Network(CSFPNN)technique to assess real-time data acquired from various sources within theMANETs.The framework uses the proposed approach to learn from the data and create predictionmodels to detect possible traffic problems and their severity in real time.Real-time traffic prediction allows for proactive actions like resource allocation,dynamic route advice,and traffic signal optimization to reduce congestion.The framework supports effective decision-making,decreases travel time,lowers fuel use,and enhances overall urban mobility by giving timely information to pedestrians,drivers,and urban planners.Extensive simulations and real-world datasets are used to test the proposed framework’s prediction accuracy,responsiveness,and scalability.Experimental results show that the suggested framework successfully anticipates urban traffic issues in real-time,enables proactive traffic management,and aids in creating smarter,more sustainable cities.展开更多
A significant obstacle in intelligent transportation systems(ITS)is the capacity to predict traffic flow.Recent advancements in deep neural networks have enabled the development of models to represent traffic flow acc...A significant obstacle in intelligent transportation systems(ITS)is the capacity to predict traffic flow.Recent advancements in deep neural networks have enabled the development of models to represent traffic flow accurately.However,accurately predicting traffic flow at the individual road level is extremely difficult due to the complex interplay of spatial and temporal factors.This paper proposes a technique for predicting short-term traffic flow data using an architecture that utilizes convolutional bidirectional long short-term memory(Conv-BiLSTM)with attention mechanisms.Prior studies neglected to include data pertaining to factors such as holidays,weather conditions,and vehicle types,which are interconnected and significantly impact the accuracy of forecast outcomes.In addition,this research incorporates recurring monthly periodic pattern data that significantly enhances the accuracy of forecast outcomes.The experimental findings demonstrate a performance improvement of 21.68%when incorporating the vehicle type feature.展开更多
With the development of intelligent and interconnected traffic system,a convergence of traffic stream is anticipated in the foreseeable future,where both connected automated vehicle(CAV)and human driven vehicle(HDV)wi...With the development of intelligent and interconnected traffic system,a convergence of traffic stream is anticipated in the foreseeable future,where both connected automated vehicle(CAV)and human driven vehicle(HDV)will coexist.In order to examine the effect of CAV on the overall stability and energy consumption of such a heterogeneous traffic system,we first take into account the interrelated perception of distance and speed by CAV to establish a macroscopic dynamic model through utilizing the full velocity difference(FVD)model.Subsequently,adopting the linear stability theory,we propose the linear stability condition for the model through using the small perturbation method,and the validity of the heterogeneous model is verified by comparing with the FVD model.Through nonlinear theoretical analysis,we further derive the KdV-Burgers equation,which captures the propagation characteristics of traffic density waves.Finally,by numerical simulation experiments through utilizing a macroscopic model of heterogeneous traffic flow,the effect of CAV permeability on the stability of density wave in heterogeneous traffic flow and the energy consumption of the traffic system is investigated.Subsequent analysis reveals emergent traffic phenomena.The experimental findings demonstrate that as CAV permeability increases,the ability to dampen the propagation of fluctuations in heterogeneous traffic flow gradually intensifies when giving system perturbation,leading to enhanced stability of the traffic system.Furthermore,higher initial traffic density renders the traffic system more susceptible to congestion,resulting in local clustering effect and stop-and-go traffic phenomenon.Remarkably,the total energy consumption of the heterogeneous traffic system exhibits a gradual decline with CAV permeability increasing.Further evidence has demonstrated the positive influence of CAV on heterogeneous traffic flow.This research contributes to providing theoretical guidance for future CAV applications,aiming to enhance urban road traffic efficiency and alleviate congestion.展开更多
The correct identification of traffic signs plays an important role in automatic driving technology and road safety driving.Therefore,to address the problems of misdetection and omission in traffic sign detection due ...The correct identification of traffic signs plays an important role in automatic driving technology and road safety driving.Therefore,to address the problems of misdetection and omission in traffic sign detection due to the variety of sign types,significant size differences and complex background information,an improved traffic sign detection model for RT-DETR was proposed in this study.Firstly,the HiLo attention mechanism was added to the Attention-based Intra-scale Feature Interaction,which further enhanced the feature extraction capability of the network and improved the detection efficiency on high-resolution images.Secondly,the CAFMFusion feature fusion mechanism was designed,which enabled the network to pay attention to the features in different regions in each channel.Based on this,the model could better capture the remote dependencies and neighborhood feature correlation,improving the feature fusion capability of the model.Finally,the MPDIoU was used as the loss function of the improved model to achieve faster convergence and more accurate regression results.The experimental results on the TT100k-2021 traffic sign dataset showed that the improved model achieves the performance with a precision value of 90.2%,recall value of 88.1%and mAP@0.5 value of 91.6%,which are 4.6%,5.8%,and 4.4%better than the original RT-DETR model respectively.The model effectively improves the problem of poor traffic sign detection and has greater practical value.展开更多
In the IoT(Internet of Things)domain,the increased use of encryption protocols such as SSL/TLS,VPN(Virtual Private Network),and Tor has led to a rise in attacks leveraging encrypted traffic.While research on anomaly d...In the IoT(Internet of Things)domain,the increased use of encryption protocols such as SSL/TLS,VPN(Virtual Private Network),and Tor has led to a rise in attacks leveraging encrypted traffic.While research on anomaly detection using AI(Artificial Intelligence)is actively progressing,the encrypted nature of the data poses challenges for labeling,resulting in data imbalance and biased feature extraction toward specific nodes.This study proposes a reconstruction error-based anomaly detection method using an autoencoder(AE)that utilizes packet metadata excluding specific node information.The proposed method omits biased packet metadata such as IP and Port and trains the detection model using only normal data,leveraging a small amount of packet metadata.This makes it well-suited for direct application in IoT environments due to its low resource consumption.In experiments comparing feature extraction methods for AE-based anomaly detection,we found that using flowbased features significantly improves accuracy,precision,F1 score,and AUC(Area Under the Receiver Operating Characteristic Curve)score compared to packet-based features.Additionally,for flow-based features,the proposed method showed a 30.17%increase in F1 score and improved false positive rates compared to Isolation Forest and OneClassSVM.Furthermore,the proposedmethod demonstrated a 32.43%higherAUCwhen using packet features and a 111.39%higher AUC when using flow features,compared to previously proposed oversampling methods.This study highlights the impact of feature extraction methods on attack detection in imbalanced,encrypted traffic environments and emphasizes that the one-class method using AE is more effective for attack detection and reducing false positives compared to traditional oversampling methods.展开更多
文摘In network traffic classification,it is important to understand the correlation between network traffic and its causal application,protocol,or service group,for example,in facilitating lawful interception,ensuring the quality of service,preventing application choke points,and facilitating malicious behavior identification.In this paper,we review existing network classification techniques,such as port-based identification and those based on deep packet inspection,statistical features in conjunction with machine learning,and deep learning algorithms.We also explain the implementations,advantages,and limitations associated with these techniques.Our review also extends to publicly available datasets used in the literature.Finally,we discuss existing and emerging challenges,as well as future research directions.
基金supported by the National Natural Science Foundation of China under Grant 61602162the Hubei Provincial Science and Technology Plan Project under Grant 2023BCB041.
文摘Network traffic identification is critical for maintaining network security and further meeting various demands of network applications.However,network traffic data typically possesses high dimensionality and complexity,leading to practical problems in traffic identification data analytics.Since the original Dung Beetle Optimizer(DBO)algorithm,Grey Wolf Optimization(GWO)algorithm,Whale Optimization Algorithm(WOA),and Particle Swarm Optimization(PSO)algorithm have the shortcomings of slow convergence and easily fall into the local optimal solution,an Improved Dung Beetle Optimizer(IDBO)algorithm is proposed for network traffic identification.Firstly,the Sobol sequence is utilized to initialize the dung beetle population,laying the foundation for finding the global optimal solution.Next,an integration of levy flight and golden sine strategy is suggested to give dung beetles a greater probability of exploring unvisited areas,escaping from the local optimal solution,and converging more effectively towards a global optimal solution.Finally,an adaptive weight factor is utilized to enhance the search capabilities of the original DBO algorithm and accelerate convergence.With the improvements above,the proposed IDBO algorithm is then applied to traffic identification data analytics and feature selection,as so to find the optimal subset for K-Nearest Neighbor(KNN)classification.The simulation experiments use the CICIDS2017 dataset to verify the effectiveness of the proposed IDBO algorithm and compare it with the original DBO,GWO,WOA,and PSO algorithms.The experimental results show that,compared with other algorithms,the accuracy and recall are improved by 1.53%and 0.88%in binary classification,and the Distributed Denial of Service(DDoS)class identification is the most effective in multi-classification,with an improvement of 5.80%and 0.33%for accuracy and recall,respectively.Therefore,the proposed IDBO algorithm is effective in increasing the efficiency of traffic identification and solving the problem of the original DBO algorithm that converges slowly and falls into the local optimal solution when dealing with high-dimensional data analytics and feature selection for network traffic identification.
基金supported by Tianshan Talent Training Project-Xinjiang Science and Technology Innovation Team Program(2023TSYCTD).
文摘With the increasing dimensionality of network traffic,extracting effective traffic features and improving the identification accuracy of different intrusion traffic have become critical in intrusion detection systems(IDS).However,both unsupervised and semisupervised anomalous traffic detection methods suffer from the drawback of ignoring potential correlations between features,resulting in an analysis that is not an optimal set.Therefore,in order to extract more representative traffic features as well as to improve the accuracy of traffic identification,this paper proposes a feature dimensionality reduction method combining principal component analysis and Hotelling’s T^(2) and a multilayer convolutional bidirectional long short-term memory(MSC_BiLSTM)classifier model for network traffic intrusion detection.This method reduces the parameters and redundancy of the model by feature extraction and extracts the dependent features between the data by a bidirectional long short-term memory(BiLSTM)network,which fully considers the influence between the before and after features.The network traffic is first characteristically downscaled by principal component analysis(PCA),and then the downscaled principal components are used as input to Hotelling’s T^(2) to compare the differences between groups.For datasets with outliers,Hotelling’s T^(2) can help identify the groups where the outliers are located and quantitatively measure the extent of the outliers.Finally,a multilayer convolutional neural network and a BiLSTM network are used to extract the spatial and temporal features of network traffic data.The empirical consequences exhibit that the suggested approach in this manuscript attains superior outcomes in precision,recall and F1-score juxtaposed with the prevailing techniques.The results show that the intrusion detection accuracy,precision,and F1-score of the proposed MSC_BiLSTM model for the CIC-IDS 2017 dataset are 98.71%,95.97%,and 90.22%.
基金This research was funded by National Natural Science Foundation of China under Grant No.61806171Sichuan University of Science&Engineering Talent Project under Grant No.2021RC15+2 种基金Open Fund Project of Key Laboratory for Non-Destructive Testing and Engineering Computer of Sichuan Province Universities on Bridge Inspection and Engineering under Grant No.2022QYJ06Sichuan University of Science&Engineering Graduate Student Innovation Fund under Grant No.Y2023115The Scientific Research and Innovation Team Program of Sichuan University of Science and Technology under Grant No.SUSE652A006.
文摘While encryption technology safeguards the security of network communications,malicious traffic also uses encryption protocols to obscure its malicious behavior.To address the issues of traditional machine learning methods relying on expert experience and the insufficient representation capabilities of existing deep learning methods for encrypted malicious traffic,we propose an encrypted malicious traffic classification method that integrates global semantic features with local spatiotemporal features,called BERT-based Spatio-Temporal Features Network(BSTFNet).At the packet-level granularity,the model captures the global semantic features of packets through the attention mechanism of the Bidirectional Encoder Representations from Transformers(BERT)model.At the byte-level granularity,we initially employ the Bidirectional Gated Recurrent Unit(BiGRU)model to extract temporal features from bytes,followed by the utilization of the Text Convolutional Neural Network(TextCNN)model with multi-sized convolution kernels to extract local multi-receptive field spatial features.The fusion of features from both granularities serves as the ultimate multidimensional representation of malicious traffic.Our approach achieves accuracy and F1-score of 99.39%and 99.40%,respectively,on the publicly available USTC-TFC2016 dataset,and effectively reduces sample confusion within the Neris and Virut categories.The experimental results demonstrate that our method has outstanding representation and classification capabilities for encrypted malicious traffic.
基金supported by the National Key Research and Development Program of China(2021YFB2900200)the Key Research and Development Program of Science and Technology Department of Zhejiang Province(2022C01121)Zhejiang Provincial Department of Transport Research Project(ZJXL-JTT-202223).
文摘Urban traffic control is a multifaceted and demanding task that necessitates extensive decision-making to ensure the safety and efficiency of urban transportation systems.Traditional approaches require traffic signal professionals to manually intervene on traffic control devices at the intersection level,utilizing their knowledge and expertise.However,this process is cumbersome,labor-intensive,and cannot be applied on a large network scale.Recent studies have begun to explore the applicability of recommendation system for urban traffic control,which offer increased control efficiency and scalability.Such a decision recommendation system is complex,with various interdependent components,but a systematic literature review has not yet been conducted.In this work,we present an up-to-date survey that elucidates all the detailed components of a recommendation system for urban traffic control,demonstrates the utility and efficacy of such a system in the real world using data and knowledgedriven approaches,and discusses the current challenges and potential future directions of this field.
基金supported by Science and Technology Plan Project of Zhejiang Provincial Department of Transportation“Research and System Development of Highway Asset Digitalization Technology inUse Based onHigh-PrecisionMap”(Project Number:202203)in part by Science and Technology Plan Project of Zhejiang Provincial Department of Transportation:Research and Demonstration Application of Key Technologies for Precise Sensing of Expressway Thrown Objects(No.202204).
文摘Traffic prediction already plays a significant role in applications like traffic planning and urban management,but it is still difficult to capture the highly non-linear and complicated spatiotemporal correlations of traffic data.As well as to fulfil both long-termand short-termprediction objectives,a better representation of the temporal dependency and global spatial correlation of traffic data is needed.In order to do this,the Spatiotemporal Graph Neural Network(S-GNN)is proposed in this research as amethod for traffic prediction.The S-GNN simultaneously accepts various traffic data as inputs and investigates the non-linear correlations between the variables.In terms of modelling,the road network is initially represented as a spatiotemporal directed graph,with the features of the samples at the time step being captured by a convolution module.In order to assign varying attention weights to various adjacent area nodes of the target node,the adjacent areas information of nodes in the road network is then aggregated using a graph network.The data is output using a fully connected layer at the end.The findings show that S-GNN can improve short-and long-term traffic prediction accuracy to a greater extent;in comparison to the control model,the RMSE of S-GNN is reduced by about 0.571 to 9.288 and the MAE(Mean Absolute Error)by about 0.314 to 7.678.The experimental results on two real datasets,Pe MSD7(M)and PEMS-BAY,also support this claim.
基金Project supported by the National Natural Science Foundation of China(Grant No.52172314)the Natural Science Foundation of Liaoning Province,China(Grant No.2022-MS-150)the Special Funding Project of Taishan Scholar Engineering.
文摘This paper investigates the impacts of a bus holding strategy on the mutual interference between buses and passenger cars in a non-dedicated bus route,as well as the impacts on the characteristics of pollutant emissions of passenger cars.The dynamic behaviors of these two types of vehicles are described using cellular automata(CA)models under open boundary conditions.Numerical simulations are carried out to obtain the phase diagrams of the bus system and the trajectories of buses and passenger cars before and after the implementation of the bus holding strategy under different probabilities of passenger cars entering a two-lane mixed traffic system.Then,we analyze the flow rate,satisfaction rate,and pollutant emission rates of passenger cars together with the performance of a mixed traffic system.The results show that the bus holding strategy can effectively alleviate bus bunching,whereas it has no significant impact on the flow rate and pollutant emission rates of passenger cars;the flow rate,satisfaction rate,and pollutant emission rates of passenger cars for either the traffic system or for each lane are influenced by the bus departure interval and the number of passengers arriving at bus stops.
文摘Low-Earth Orbit Satellite Constellations(LEO-SCs)provide global,high-speed,and low latency Internet access services,which bridges the digital divide in the remote areas.As inter-satellite links are not supported in initial deployment(i.e.the Starlink),the communication between satellites is based on ground stations with radio frequency signals.Due to the rapid movement of satellites,this hybrid topology of LEO-SCs and ground stations is time-varying,which imposes a major challenge to uninterrupted service provisioning and network management.In this paper,we focus on solving two notable problems in such a ground station-assisted LEO-SC topology,i.e.,traffic engineering and fast reroute,to guarantee that the packets are forwarded in a balanced and uninterrupted manner.Specifically,we employ segment routing to support the arbitrary path routing in LEO-SCs.To solve the traffic engineering problem,we proposed two source routings with traffic splitting algorithms,Delay-Bounded Traffic Splitting(DBTS)and DBTS+,where DBTS equally splits a flow and DBTS+favors shorter paths.Simu-lation results show that DBTS+can achieve about 30%lower maximum satellite load at the cost of about 10%more delay.To guarantee the fast recovery of failures,two fast reroute mechanisms,Loop-Free Alternate(LFA)and LFA+,are studied,where LFA pre-computes an alternate next-hop as a backup while LFA+finds a 2-segment backup path.We show that LFA+can increase the percentage of protection coverage by about 15%.
基金supported in part by the Korea Research Institute for Defense Technology Planning and Advancement(KRIT)funded by the Korean Government’s Defense Acquisition Program Administration(DAPA)under Grant KRIT-CT-21-037in part by the Ministry of Education,Republic of Koreain part by the National Research Foundation of Korea under Grant RS-2023-00211871.
文摘In the rapidly evolving field of cybersecurity,the challenge of providing realistic exercise scenarios that accurately mimic real-world threats has become increasingly critical.Traditional methods often fall short in capturing the dynamic and complex nature of modern cyber threats.To address this gap,we propose a comprehensive framework designed to create authentic network environments tailored for cybersecurity exercise systems.Our framework leverages advanced simulation techniques to generate scenarios that mirror actual network conditions faced by professionals in the field.The cornerstone of our approach is the use of a conditional tabular generative adversarial network(CTGAN),a sophisticated tool that synthesizes realistic synthetic network traffic by learning fromreal data patterns.This technology allows us to handle technical components and sensitive information with high fidelity,ensuring that the synthetic data maintains statistical characteristics similar to those observed in real network environments.By meticulously analyzing the data collected from various network layers and translating these into structured tabular formats,our framework can generate network traffic that closely resembles that found in actual scenarios.An integral part of our process involves deploying this synthetic data within a simulated network environment,structured on software-defined networking(SDN)principles,to test and refine the traffic patterns.This simulation not only facilitates a direct comparison between the synthetic and real traffic but also enables us to identify discrepancies and refine the accuracy of our simulations.Our initial findings indicate an error rate of approximately 29.28%between the synthetic and real traffic data,highlighting areas for further improvement and adjustment.By providing a diverse array of network scenarios through our framework,we aim to enhance the exercise systems used by cybersecurity professionals.This not only improves their ability to respond to actual cyber threats but also ensures that the exercise is cost-effective and efficient.
基金supported by grants from the National Research Foundation of Korea(RS-2023-00217798 and 2021R1A2C3003675 to S.Y.L.)by the Korea Basic Science Institute National Research Facilities&Equipment Center grant(2019R1A6C1010020).M.K.was supported in part by scholarship from Ewha Womans University.
文摘Mature osteoclasts degrade bone matrix by exocytosis of active proteases from secretory lysosomes through a ruffled border.However,the molecular mechanisms underlying lysosomal trafficking and secretion in osteoclasts remain largely unknown.Here,we show with GeneChip analysis that RUN and FYVE domain-containing protein 4(RUFY4)is strongly upregulated during osteoclastogenesis.Mice lacking Rufy4 exhibited a high trabecular bone mass phenotype with abnormalities in osteoclast function in vivo.Furthermore,deleting Rufy4 did not affect osteoclast differentiation,but inhibited bone-resorbing activity due to disruption in the acidic maturation of secondary lysosomes,their trafficking to the membrane,and their secretion of cathepsin K into the extracellular space.Mechanistically,RUFY4 promotes late endosome-lysosome fusion by acting as an adaptor protein between Rab7 on late endosomes and LAMP2 on primary lysosomes.Consequently,Rufy4-deficient mice were highly protected from lipopolysaccharide-and ovariectomy-induced bone loss.Thus,RUFY4 plays as a new regulator in osteoclast activity by mediating endo-lysosomal trafficking and have a potential to be specific target for therapies against bone-loss diseases such as osteoporosis.
文摘VPNs are vital for safeguarding communication routes in the continually changing cybersecurity world.However,increasing network attack complexity and variety require increasingly advanced algorithms to recognize and categorizeVPNnetwork data.We present a novelVPNnetwork traffic flowclassificationmethod utilizing Artificial Neural Networks(ANN).This paper aims to provide a reliable system that can identify a virtual private network(VPN)traffic fromintrusion attempts,data exfiltration,and denial-of-service assaults.We compile a broad dataset of labeled VPN traffic flows from various apps and usage patterns.Next,we create an ANN architecture that can handle encrypted communication and distinguish benign from dangerous actions.To effectively process and categorize encrypted packets,the neural network model has input,hidden,and output layers.We use advanced feature extraction approaches to improve the ANN’s classification accuracy by leveraging network traffic’s statistical and behavioral properties.We also use cutting-edge optimizationmethods to optimize network characteristics and performance.The suggested ANN-based categorization method is extensively tested and analyzed.Results show the model effectively classifies VPN traffic types.We also show that our ANN-based technique outperforms other approaches in precision,recall,and F1-score with 98.79%accuracy.This study improves VPN security and protects against new cyberthreats.Classifying VPNtraffic flows effectively helps enterprises protect sensitive data,maintain network integrity,and respond quickly to security problems.This study advances network security and lays the groundwork for ANN-based cybersecurity solutions.
基金supported by the Young Top Talent of Young Eagle Program of Fujian Province,China(F21E 0011202B01).
文摘Dear Editor,This letter puts forward a novel scalable temporal dimension preserved tensor completion model based on orthogonal initialization for missing traffic data(MTD)imputation.The MTD imputation acts directly on accessing the traffic state,and affects the traffic management.
文摘The consensus of the automotive industry and traffic management authorities is that autonomous vehicles must follow the same traffic laws as human drivers.Using formal or digital methods,natural language traffic rules can be translated into machine language and used by autonomous vehicles.In this paper,a translation flow is designed.Beyond the translation,a deeper examination is required,because the semantics of natural languages are rich and complex,and frequently contain hidden assumptions.The issue of how to ensure that digital rules are accurate and consistent with the original intent of the traffic rules they represent is both significant and unresolved.In response,we propose a method of formal verification that combines equivalence verification with model checking.Reasonable and reassuring digital traffic rules can be obtained by utilizing the proposed traffic rule digitization flow and verification method.In addition,we offer a number of simulation applications that employ digital traffic rules to assess vehicle violations.The experimental findings indicate that our digital rules utilizing metric temporal logic(MTL)can be easily incorporated into simulation platforms and autonomous driving systems(ADS).
基金funded by the National Natural Science Foundation of China (Grant No. 11875031)the key research projects of Natural Science of Anhui Provincial Colleges and Universities (Grant No. 2022AH050252)。
文摘As a common transportation facility, speed humps can control the speed of vehicles on special road sections to reduce traffic risks. At the same time, they also cause instantaneous traffic emissions. Based on the classic instantaneous traffic emission model and the limited deceleration capacity microscopic traffic flow model with slow-to-start rules, this paper has investigated the impact of speed humps on traffic flow and the instantaneous emissions of vehicle pollutants in a single lane situation. The numerical simulation results have shown that speed humps have significant effects on traffic flow and traffic emissions. In a free-flow region, the increase of speed humps leads to the continuous rise of CO_(2), NO_(X) and PM emissions. Within some density ranges, one finds that these pollutant emissions can evolve into some higher values under some random seeds. Under other random seeds, they can evolve into some lower values. In a wide moving jam region, the emission values of these pollutants sometimes appear as continuous or intermittent phenomenon. Compared to the refined Na Sch model, the present model has lower instantaneous emissions such as CO_(2), NO_(X) and PM and higher volatile organic components(VOC) emissions. Compared to the limited deceleration capacity model without slow-to-start rules, the present model also has lower instantaneous emissions such as CO_(2), NO_(X) and PM and higher VOC emissions in a wide moving jam region. These results can also be confirmed or explained by the statistical values of vehicle velocity and acceleration.
基金The Science and Technology Research and Development Program Project of China Railway Group Ltd provided funding for this study(Project Nos.2020-Special-02 and 2021Special-08)。
文摘Accurate forecasting of traffic flow provides a powerful traffic decision-making basis for an intelligent transportation system. However, the traffic data's complexity and fluctuation, as well as the noise produced during collecting information and summarizing original data of traffic flow, cause large errors in the traffic flow forecasting results. This article suggests a solution to the above mentioned issues and proposes a fully connected time-gated neural network based on wavelet reconstruction(WT-FCTGN). To eliminate the potential noise and strengthen the potential traffic trend in the data, we adopt the methods of wavelet reconstruction and periodic data introduction to preprocess the data. The model introduces fully connected time-series blocks to model all the information including time sequence information and fluctuation information in the flow of traffic, and establishes the time gate block to comprehend the periodic characteristics of the flow of traffic and predict its flow. The performance of the WT-FCTGN model is validated on the public Pe MS data set. The experimental results show that the WT-FCTGN model has higher accuracy, and its mean absolute error(MAE), mean absolute percentage error(MAPE) and root mean square error(RMSE) are obviously lower than those of the other algorithms. The robust experimental results prove that the WT-FCTGN model has good anti-noise ability.
基金the Deanship of Scientific Research at Majmaah University for supporting this work under Project No.R-2024-1008.
文摘Traffic in today’s cities is a serious problem that increases travel times,negatively affects the environment,and drains financial resources.This study presents an Artificial Intelligence(AI)augmentedMobile Ad Hoc Networks(MANETs)based real-time prediction paradigm for urban traffic challenges.MANETs are wireless networks that are based on mobile devices and may self-organize.The distributed nature of MANETs and the power of AI approaches are leveraged in this framework to provide reliable and timely traffic congestion forecasts.This study suggests a unique Chaotic Spatial Fuzzy Polynomial Neural Network(CSFPNN)technique to assess real-time data acquired from various sources within theMANETs.The framework uses the proposed approach to learn from the data and create predictionmodels to detect possible traffic problems and their severity in real time.Real-time traffic prediction allows for proactive actions like resource allocation,dynamic route advice,and traffic signal optimization to reduce congestion.The framework supports effective decision-making,decreases travel time,lowers fuel use,and enhances overall urban mobility by giving timely information to pedestrians,drivers,and urban planners.Extensive simulations and real-world datasets are used to test the proposed framework’s prediction accuracy,responsiveness,and scalability.Experimental results show that the suggested framework successfully anticipates urban traffic issues in real-time,enables proactive traffic management,and aids in creating smarter,more sustainable cities.
文摘A significant obstacle in intelligent transportation systems(ITS)is the capacity to predict traffic flow.Recent advancements in deep neural networks have enabled the development of models to represent traffic flow accurately.However,accurately predicting traffic flow at the individual road level is extremely difficult due to the complex interplay of spatial and temporal factors.This paper proposes a technique for predicting short-term traffic flow data using an architecture that utilizes convolutional bidirectional long short-term memory(Conv-BiLSTM)with attention mechanisms.Prior studies neglected to include data pertaining to factors such as holidays,weather conditions,and vehicle types,which are interconnected and significantly impact the accuracy of forecast outcomes.In addition,this research incorporates recurring monthly periodic pattern data that significantly enhances the accuracy of forecast outcomes.The experimental findings demonstrate a performance improvement of 21.68%when incorporating the vehicle type feature.
基金Project supported by the Fundamental Research Funds for Central Universities,China(Grant No.2022YJS065)the National Natural Science Foundation of China(Grant Nos.72288101 and 72371019).
文摘With the development of intelligent and interconnected traffic system,a convergence of traffic stream is anticipated in the foreseeable future,where both connected automated vehicle(CAV)and human driven vehicle(HDV)will coexist.In order to examine the effect of CAV on the overall stability and energy consumption of such a heterogeneous traffic system,we first take into account the interrelated perception of distance and speed by CAV to establish a macroscopic dynamic model through utilizing the full velocity difference(FVD)model.Subsequently,adopting the linear stability theory,we propose the linear stability condition for the model through using the small perturbation method,and the validity of the heterogeneous model is verified by comparing with the FVD model.Through nonlinear theoretical analysis,we further derive the KdV-Burgers equation,which captures the propagation characteristics of traffic density waves.Finally,by numerical simulation experiments through utilizing a macroscopic model of heterogeneous traffic flow,the effect of CAV permeability on the stability of density wave in heterogeneous traffic flow and the energy consumption of the traffic system is investigated.Subsequent analysis reveals emergent traffic phenomena.The experimental findings demonstrate that as CAV permeability increases,the ability to dampen the propagation of fluctuations in heterogeneous traffic flow gradually intensifies when giving system perturbation,leading to enhanced stability of the traffic system.Furthermore,higher initial traffic density renders the traffic system more susceptible to congestion,resulting in local clustering effect and stop-and-go traffic phenomenon.Remarkably,the total energy consumption of the heterogeneous traffic system exhibits a gradual decline with CAV permeability increasing.Further evidence has demonstrated the positive influence of CAV on heterogeneous traffic flow.This research contributes to providing theoretical guidance for future CAV applications,aiming to enhance urban road traffic efficiency and alleviate congestion.
文摘The correct identification of traffic signs plays an important role in automatic driving technology and road safety driving.Therefore,to address the problems of misdetection and omission in traffic sign detection due to the variety of sign types,significant size differences and complex background information,an improved traffic sign detection model for RT-DETR was proposed in this study.Firstly,the HiLo attention mechanism was added to the Attention-based Intra-scale Feature Interaction,which further enhanced the feature extraction capability of the network and improved the detection efficiency on high-resolution images.Secondly,the CAFMFusion feature fusion mechanism was designed,which enabled the network to pay attention to the features in different regions in each channel.Based on this,the model could better capture the remote dependencies and neighborhood feature correlation,improving the feature fusion capability of the model.Finally,the MPDIoU was used as the loss function of the improved model to achieve faster convergence and more accurate regression results.The experimental results on the TT100k-2021 traffic sign dataset showed that the improved model achieves the performance with a precision value of 90.2%,recall value of 88.1%and mAP@0.5 value of 91.6%,which are 4.6%,5.8%,and 4.4%better than the original RT-DETR model respectively.The model effectively improves the problem of poor traffic sign detection and has greater practical value.
基金supported by Institute of Information&Communications Technology Planning&Evaluation(IITP)grant funded by the Korea government(MSIT)(No.RS-2023-00235509,Development of Security Monitoring Technology Based Network Behavior against Encrypted Cyber Threats in ICT Convergence Environment).
文摘In the IoT(Internet of Things)domain,the increased use of encryption protocols such as SSL/TLS,VPN(Virtual Private Network),and Tor has led to a rise in attacks leveraging encrypted traffic.While research on anomaly detection using AI(Artificial Intelligence)is actively progressing,the encrypted nature of the data poses challenges for labeling,resulting in data imbalance and biased feature extraction toward specific nodes.This study proposes a reconstruction error-based anomaly detection method using an autoencoder(AE)that utilizes packet metadata excluding specific node information.The proposed method omits biased packet metadata such as IP and Port and trains the detection model using only normal data,leveraging a small amount of packet metadata.This makes it well-suited for direct application in IoT environments due to its low resource consumption.In experiments comparing feature extraction methods for AE-based anomaly detection,we found that using flowbased features significantly improves accuracy,precision,F1 score,and AUC(Area Under the Receiver Operating Characteristic Curve)score compared to packet-based features.Additionally,for flow-based features,the proposed method showed a 30.17%increase in F1 score and improved false positive rates compared to Isolation Forest and OneClassSVM.Furthermore,the proposedmethod demonstrated a 32.43%higherAUCwhen using packet features and a 111.39%higher AUC when using flow features,compared to previously proposed oversampling methods.This study highlights the impact of feature extraction methods on attack detection in imbalanced,encrypted traffic environments and emphasizes that the one-class method using AE is more effective for attack detection and reducing false positives compared to traditional oversampling methods.