Network Intrusion Detection Model Based On Convolutional Neural Network

With the rapid development of mobile Internet today,network security issues have become increasingly severe,and network intrusions have occurred frequently.How to effectively detect network intrusion has become an important research part in the field of network security.Although machine-learning-based intrusion detection technology is maturing,it still has the disadvantages of low detection rate and high false alarm rate.This thesis proposes a network intrusion detection system based on convolutional neural network to solve these problems.The main research steps in this thesis are as follows:In the first step,tcpdump network data collection tool is used to capture data packets in network traffic.In the second step,by analyzing the behavior of the transport layer in the data packet,the effective characteristics such as protocol type and the number of transmitted bytes are extracted.The third step is to perform data preprocessing operations on the data,perform one-hot operations on symbolic features,and perform normalized operations on numerical features.The fourth step is to use the convolutional neural network-based network intrusion detection model proposed in this thesis to predict the data and detect the malicious attacks.The fifth step is to develop a network intrusion detection system based on the convolutional neural network using Flask framework to detect network intrusion behavior in real time.The main research work of this thesis is as follows:First,this thesis proposes a clustering method based on k-means algorithm to solve the problem that U2R and R2L intrusion data are sparse because of a small sample size.This method can effectively extract U2R and R2L intrusion data by clustering on the specific feature dimensions of data.Experimental results show that the clustering model can identify 87.5%of U2R and R2L intrusion data in KDD99 dataset.Second,this thesis proposes a feature selection method based on random forest algorithm and backward search algorithm.This method uses the random forest algorithm to calculate the importance degree of each dimension feature of the data and sorts the importance degree.It uses a backward search algorithm to traverse the feature set,filters out redundant features,and selects effective features.The experimental results on the KDD99 data show that using this feature selection method can reduce the training time of the model without affecting the detection accuracy.Finally,using the convolutional neural network algorithm to nonlinearly map the data features,and fully exploit the connection between the input features.At the same time,by setting up different groups of comparative experiments,the optimal hyperparameters of the model are obtained.The experimental results show that the detection accuracy of the detection model based on the convolutional neural network algorithm on the KDD99 data set is up to 99.2%,which is higher than the accuracy of traditional detection models based on machine learning algorithms.The above experimental results show that the network intrusion detection method and system based on convolutional neural network is effective.