Research On Network Traffic Abnormal Detection Technology Based On Machine Learning

In recent years,large-scale anomalies on the Internet have occurred frequently,and network security issues have become intractable in the context of the interconnection of all things.Network traffic anomaly detection is a promising technology in the area of network security.It can effectively identify various types of attacks in the network and provide reliable data support for subsequent security defence.With the rapid development of artificial intelligence technology,machine learning has already been widely used in different fields.Machine learning-based network traffic anomaly detection technologies can not only approve the real-time accuracy of anomaly detection but also improve the robustness of the anomaly detection system.The data traffic in the network is large-scale and contains a large number of characteristic attributes.To improve the time efficiency of anomaly detection,the characteristics of data traffic need to be reduced.Although reducing network traffic characteristics can effectively simplify the burden of machine learning,establishing high-performance classifiers also cannot be neglected.Recently,artificial neural network-based abnormal network traffic identification and detection become more and more popular.Among the neural networks,the BP neural network has been widely used for detecting abnormal network traffic.However,the BP algorithm frequently falls into the local minimum and possess slow convergence speed.It is difficult to cope with the great variety of network attacks on the Internet.Therefore,it is valuable to study the feature selection of network traffic and design BP neural network models for network traffic anomaly detection.To reduce the characteristics of network traffic,this paper proposes a dual feature selection algorithm based on correlation and improved binary cuckoo optimization.Firstly,eliminating features that are irrelevant to classification and redundant in the feature set by measuring the correlation of features and the correlation between features and categories.Then,by transforming the feature selection problem to an optimization problem and utilizing group intelligent optimization algorithms,the features that are most conducive to classification can be selected to be the optimal feature subset throughout using the binary cuckoo algorithm.Theoretical analysis and simulation experiments show that the proposed algorithm has greater advantages in terms of feature dimension,detection accuracy,detection time,recall rate and FI-Measure compared with other current feature selection algorithms,it can maximize the reduction of features.Because of the local minima and slow convergence speed of the BP algorithm,it is difficult to deal with the ever-changing network attacks.This paper proposes an improved locust optimization algorithm-based BP neural network model to detect abnormal traffic in the network.The improved locust optimization algorithm can expand the diversity of the locust population and improve the convergence rate by involving the differential evolution strategy and the opposite learning strategy.Besides,the improved locust optimization algorithm can be used to guide the BP neural network to find the best weights and thresholds,further completing the training of the anomaly detection model.Theoretical analysis and simulation experiments show that the proposed algorithm can not only effectively overcome the shortcomings of the BP algorithm,but also improve the accuracy of network traffic anomaly detection while having good noise suppression effect.