Research On Network Attack Detection Technology Based On Deep Learning

In recent years,machine learning methods have been widely used in network traffic classification and intrusion detection.However,with the increase of data volume and new attacks,how to reduce false positive and misses then accurately and quickly detect the attack behavior becomes more challenging.In view of the above problems,this paper built an attack detection model based on convolutional neural network,and studied relevant technologies to improve the accuracy and speed of detection by reducing the number of hidden layers of convolutional neural network.In this paper,an attack detection model based on simplified LeNet-5 convolutional neural network was constructed.In terms of the network structure of the model,the last full connection layer of the LeNet-5 network was removed,which reduced the computation of the model.In terms of model algorithm optimization,the forward propagation network adopted linear rectification layer as the excitation layer.The output layer was classified by logistic regression model.The back-propagation network used the cross-entropy loss function to calculate the loss,and the adaptive moment estimation method was used as the gradient calculation method,and adopted L2 regularized weight attenuation method to avoid overfitting.On the basis of the simplified LeNet-5 network model,the paper further proposed the LeNet-4 network model,introduced the feature selection algorithm,used the random forest classifier for recursive feature elimination,selected the top 49 features according to the feature importance ranking order,and rebuilt the network model.In terms of the network structure of the model,the first pooling layer was removed to reduce the complexity of the network,and the self-learning ability of the network was enhanced by the structure of double convolutional layer+single pooling layer.In this paper,the CICIDS2017 dataset was used for experimental verification of the proposed model,and all instances and attack families in the dataset were used for joint detection.The experimental results show that in the simplified LeNet-5 network model,the accuracy of multi-attack classification is 97.1%,that of combined attack classification is 97.4%,and that of binary attack classification is 98%.In the LeNet-4 network model,the introduction of recursive feature elimination algorithm not only improved the detection accuracy of attacks,but also reduced the detection time.The accuracy rate of multi-attack classification is 97.9%,that of combined attack classification is 97.8%,and that of binary attack classification is 98.5%.