The Design And Implementation Of Network Intrusion Detection System Based On The Long Short-term Memory Technology

As the number of network users increasing,the number of network attacks increases rapidly.This phenomenon poses a serious challenge to the security of the whole network environment.There is no doubt that people's demand for the security of network information is huge.The security of network information not only affects our personal life,but also is an important index of national security.Therefore,how to detect network intrusion accurately is a hotspot in recent years.Intrusion Detection System(IDS)is a program that actively maintains the security of local network in computer system.It is a security barrier that prevents network intrusion.Traditional IDS has obvious deficiencies in the accuracy and intelligence of detection.Traditional machine learning method is not suitable for large data classification.Since network traffic data is enormous,IDS based on traditional machine learning method can not effectively solve the problem of large-scale intrusion data classification.In other words,it still lacks reliability.Considering the massive network traffic in real life,deep learning has more potential than traditional machine learning used in previous studies in extracting massive data features.On this basis,Long Short-Term Memory(LSTM)technology in deep learning is studied,and an IDS model based on deep learning method is proposed.We use the complete NSL-KDD dataset to train IDS based on LSTM.The main work of this thesis is as follows:(1)In this thesis,Intrusion detection model based LSTM model is designed.Feature representation of different depths of traffic information is constructed based on Keras.Features of different depths are combined into multi-stages features.The model is compared with the model based on RF,the model based on SVM,the model based on DBN and the model based on single-layer LSTM.The experimental results show that the performance of the proposed model is better than that of the traditional machine learning method and the new deep learning method in multi-class classification.This model improves the accuracy of intrusion detection and provides a new research direction for intrusion detection.(2)Based on the designed intrusion detection model,an IDS framework is designed,which includes data capture module,data processing and storage module,intrusion detection module and intrusion management module.(3)The core module of the system is designed and implemented in detail.The network traffic data is obtained through data capture module;the network traffic data is processed through data processing and storage module to meet the input format requirements of LSTM-based intrusion detection model;and the traffic classification results are obtained through intrusion detection module.(4)On the basis of the above research,an IDS based on LSTM is implemented,and the functions and non-functions of the system are tested.The system test results show that the function of the system designed in this paper is effective,it can detect network traffic intrusion,and the designed system meets the requirements.