Design Of Intrusion Detection System Based On Auto-encoder Gate Recurrent Unit

With the advent of the 5G era,various networks and facilities have been continuously improved and developed,and the amount of data and data dimensions in the network have gradually increased,making communication security more important.Detecting network attacks and protecting network security are of high importance in cyberspace.Any attempt to destroy confidentiality,integrity,availability,and bypass security mechanisms can be regarded as a network intrusion.Therefore,the introduction of intrusion detection systems to achieve network status monitoring and security assessment to take protective measures in advance is of great significance to maintaining network security.Intrusion detection systems can be divided into detection systems based on misuse and detection systems based on anomalies.Misuse detection relies on attack characteristics stored in a dedicated database.In real-world network traffic intrusion detection,an anomaly-based detection system is more sensitive to unknown attacks.The key is to find an algorithm that accurately characterizes network packets as possible.However,the existing feature extraction methods generally preprocess the data packets manually,and do not consider the variable length of the binary representation payload.The payload contains the behavioral information of the current network environment,and the intrusiveness of network data packets can be judged by analyzing its scalability,flexibility,and versatility.Therefore,in order to solve most of the shortcomings that network traffic characteristics cannot be correctly characterized by manual preprocess ing of network data packets,this article starts from actual network security issues and proposes a coded gated loop unit.The specific work is as follows:(1)Aiming at the unreliability of existing data set preprocessing methods,a method of echo state network coupled with autoencoder is proposed.This method realizes the perception of system intrusion detection by automatically preprocessing data packets for payload.Aiming at the fixed length of the input data of the gated recurrent unit and the variable length of the network traffic data packet,,firstly,the real traffic data packet is input into the echo state network for feature extraction and converted into fixed-length data;secondly,the fixed-length data is passed through The encoding part of the automatic encoder performs data dimensionality reduction and automatically preprocesses network data packets;finally,the automatically preprocessed data packets are input into the designed gated recurrent unit,and the payload and data packet headers in the data packets are learned.(2)Aiming at the problem of excessive memory capacity used for processing data sets,this paper converts network data packets into binary,and replaces most arithmetic operations with binary shift calculations to reduce the required memory.Comparing the memory usage of the designed automatic encoded binarized gated recurrent unit with the gated recurrent unit,the memory usage is significantly reduced,and the calculation speed is improved.(3)The method proposed in this paper was trained and tested on the ISCX2012 public intrusion detection data set provided by the Center of Excellence for Information Security,to compare the effects of different hyperparameters on the experimental results,and to compare the accuracy with the methods proposed by other authors.The experimental results show that the accuracy of the automatically encoded binarized gated recurrent unit is improved to a certain extent compared with other results,which verifies the feasibility of the method.