Research On Network Anomaly Detection And Prediction Method Based On Neural Network

With the progress of the Internet plus era and the rapid development of big data technology,more and more applications and devices are connected to the network,and the network topology is becoming more and more complex,which makes the network traffic volume larger and the network security problem.It is of great significance to analyze and anomaly detection of complex network traffic to understand network environment information,improve network user management,optimize network quality and network security.Traditional intrusion detection methods based on threshold and static rule matching are difficult to detect unknown anomalies and user anomalies in dynamic and complex network environments,and cannot meet the requirements of massive network traffic data detection.At the same time,detection efficiency is low and model rules are updated cumbersomely.And it also has disadvantage of self-learning and self-evolving update models.This thesis combines neural network to research network anomaly detection,collects network traffic,performs traffic analysis and rule matching to obtain related attributes such as user detailed information and abnormal attack behavior in network environment,and uses neural network traffic analysis features to establish neural network anomaly detection model.Perform network exceptions and user anomaly behavior detection.The main research contents and innovations of this paper are as follows:1.Build a distributed traffic collection and network traffic analysis system to complete network traffic collection,analysis and detection.The network traffic data of the campus network is collected by means of the bypass mirroring port.The network traffic analysis and detection are performed by bro and snort,and the network traffic data is reconstructed into a log file storage.Finally,the data of each layer is analyzed and the upper applicationcharacteristics are extracted to establish an identifier library.2.In the network anomaly detection and recognition,it is difficult to determine the BP neural network structure,easy to fall into local optimum,slow convergence and low detection accuracy.In this paper,a network anomaly detection method based on particle swarm optimization BP neural network is proposed.By using adaptive learning rate and particle swarm optimization algorithm,the network structure and parameters of BP neural network algorithm are optimized and adjusted,so that the iteration number of detection model is reduced and the precision is higher.3.The abnormal user behavior detection and identification,through the identification library established by the upper application analysis to customize the user's abnormal behavior,and carry out more detailed user behavior management for the network environment.This paper proposes a self-defined user anomaly behavior detection model based on deep neural network.Through experimental verification,this model can effectively solve the traditional user anomaly detection method can not quickly respond to unknown anomaly types and malware,without custom user behavior management.And so on.4.The network traffic is predicted,and the real traffic data that predicts future traffic not conforming to the normal situation is combined with fine-grained network traffic analysis,abnormality detection and user behavior detection to achieve targeted intelligent preventive detection.In this paper,a network traffic prediction model based on long-term and short-term memory neural network is proposed.This model effectively overcomes the problem that traditional network traffic prediction methods can not accurately predict and flood the network traffic with large amount of data,random burstiness and strong dependence.Insufficient capacity and other issues.