Research On Network Traffic Anomaly Detection Based On Deep Learning

Informationization is developing rapidly,the network has penetrated into all aspects of human society and become an indispensable part of people's daily life.At the same time,it is bound to be accompanied by a series of potential security problems.In recent years,with the frequent occurrence of network security accidents,such as Do S attack,computer worm,blackmail virus and so on,people pay more and more attention to network security.As a protection means that can effectively identify network attacks,network traffic anomaly detection technology can detect various illegal attacks invading the network environment in real time,do early warning and protection in advance,and reduce unnecessary losses.But now is the era of big data and cloud computing,network attack methods are becoming more and more complicated,and it is not easy to be identified in an unknown network environment.The traditional network anomaly detection can not meet and apply to the intelligent big data application network.The reason is that the traditional rule-based and machine learning methods mainly rely on manual experience or a small number of samples.When there is a large amount of unknown information,the detection results are unreliable.As a kind of time series data,network traffic is unstable,and its fluctuation amplitude changes with time,which makes the traditional detection methods only effective at the superficial level,and the detection accuracy at the deep level decreases greatly.First of all,this article uses the network intrusion standard data set MAWILab according to the needs of the actual scene,combined with the popular deep learning technology,builds a multi-feature spatiotemporal information fusion algorithm model combining CNN and LSTM to extract the spatiotemporal characteristics of network traffic data and solve anomalies The detection needs to rely on expert experience to artificially formulate rules for problems,which reduces labor costs.Secondly,because the network traffic intrusion is often unknown,the traditional detection methods are difficult to adapt to the new network attack methods,and the idea of migration learning is used.By learning the existing original training data,we can effectively detect unknown network attacks and improve the detection accuracy of the model in the environment with large time series fluctuation.Finally,combined with the above,a network anomaly detection system based on web is realized.It solves the problem of insufficient detection ability of traditional detection methods in the environment of network unknown factors,improves the detection accuracy and ensures the network security.This topic comes from Chongqing yingka Electronic Information Co.,Ltd.and belongs to an internal self-research project under the information security department.The web anomaly detection system finally implemented in this paper has been deployed to Alibaba cloud server,which can be accessed through the website http://manage.fenmiaobizheng.cn Access,login account admin,login password admin123.