Research On Network DoS Intrusion Detection Method Based On Deep Learning

With the rapid popularization of network applications,intrusion attack methods and types are emerging in an endless stream,especially Denial of Service attack.In2018,Git Hub,the world's largest code hosting platform,suffered DoS attacks of up to 1.3 terabytes per second(Tbps).at present,the detection of DoS attacks mostly adopts unitary detection algorithm,and the network traffic characteristics are mostly selected by prior knowledge,which will lead to the problems of low detection rate,high false alarm rate and high missed alarm rate in the network traffic detection of high dimension and multi attack categories.Therefore,this paper comprehensively considers the automatic selection of information features and different deep learning algorithms in TCP/IP protocol and 802.11 protocol,and puts forward the improved ideas and implementation schemes for detecting network DoS attacks under TCP/IP protocol and 802.11 protocol respectively.The specific work is as follows:Firstly,aiming at the problem of single detection algorithm in the existing research,a cascade detection model based on probability graph model and DNN is proposed.According to the wired network traffic,based on the detailed analysis of the TCP protocol communication process,statistical analysis the characteristics such as packet size,network load,link length and so on.After probability calculation,the probability graph model of the network data flow is constructed and the coarse-grained classification is made,and the network data flow whose detection result is "non fake" is retained.Then,the "non fake" network data stream is sent to the DNN deep neural network model for further detection,and the DoS attack data stream in the network data stream is identified.Secondly,faced with the problem of DoS attack detection in wireless network traffic concentration based on 802.11 protocol,because of its high data dimension,the manual statistical analysis scheme of feature discovery is inefficient,and the effect of cascade detection model is not ideal.For this reason,this paper proposes a DoS attack detection method based on dense convolutional neural network for high-dimensional data.In the first step,when there are many features in the network dataset,the traditional method of feature selection based on experience is abandoned,and the idea of integrated learning is used to select features.The specific method is to adopt the Gini index calculation principle,use the random forest method to weakly classify the network data set,select the feature subset with high importance through the weight,and use it as the input information of the subsequent detection module.In the second step,aiming at the gradient vanishing problem of traditional deep convolution neural network,Densenet algorithm is introduced to classify and detect the network traffic data.Simulation results show that this method can ensure the accuracy of detection results in the network environment with large amount of data.Finally,the proposed feature selection strategy and two intrusion detection models are verified on real data sets.The data sets are CICDoS data set with small amount of data and AWID data set with large amount of data and high dimension.The simulation results show that the two detection models proposed in this paper can achieve higher detection accuracy,lower detection false alarm rate and missed alarm rate.