Research On Extraction Method Of Network Security Situation Elements Based On Deep Learning

As the attack mode of network tends to be multi-node discrete mode,the traditional model which relies on the administrator and abnormal traffic observation can not adapt to the current actual network environment.As an active defense method,the network security situation awareness system realizes real-time monitoring and processing of the current overall network environment,and timely response to abnormal behavior within a certain threshold.Among them,as the first step of network security situation awareness,the accuracy of element extraction will directly affect the accuracy of subsequent data resolution.Therefore,it is particularly necessary to extract the abnormal elements of network security effectively.However,there are still many problems to be solved on how to extract the factors that have great influence on the whole network situation environment from the complex and heterogeneous network environment.In this paper,after a comprehensive analysis of the current algorithms,convolutional neural network is finally selected as the backbone network of element extraction,and the defects existing in the process of feature extraction of convolutional neural network are improved,which are mainly as follows:(1)This paper firstly reviews and analyzes the latest research status of network element extraction and analyzes the wide application prospects of network situational awareness technology;secondly,it summarizes the bottlenecks that exist in the element extraction process according to the latest research progress and elaborates on the relevant bottlenecks that exist.(2)To address the problems that convolutional neural networks cannot adaptively adjust the importance of relevant attributes in the process of extracting relevant elements and cannot well solve the problem of long time series feature dependence;this paper combines the attention mechanism and long and short time memory networks with the convolutional neural networks.Then,the attention mechanism adaptively adjusts the contribution weights of different features in the network to suppress the noise information in the traffic as much as possible;finally,the long and short time memory network is used to model the features of the input long time network traffic information.By extracting network traffic data in three stages and designing relevant validation experiments in the KDD-99 dataset,the experimental results show the effectiveness of the algorithm in the process of modeling data traffic.(3)To address the poor generalization performance of convolutional neural networks in unbalanced data,which leads to the inability of their models to be better adapted to real scenarios.In addition,there is also the problem of incorrect determination of some classes due to overlearning of the training model.To overcome these difficulties,this paper introduces Bayesian inference theory in the convolution process to prevent overfitting by distributing parameter selection to achieve a posteriori inference of relevant parameters;that is,by constructing a simple distribution to approximate a complex fitting function;by combining probabilistic modeling with neural networks and designing related experiments,the experimental results show that the algorithm improves the overall performance of the model.