Thanks to the rapid development of the Internet and the widespread adoption of big data, our lives have entered the "fast lane" of the new economy, new business formats, and new forms of communication. The network has changed how we live, and at the same time it has brought new challenges for keeping the network environment secure. Traditional network security measures, such as firewall technology and network monitoring, require experts to formulate a large rule base from known network attacks, and these measures can work only on the basis of that rule base. Because of the diversity of traffic types brought about by big data, traditional protection technologies have gradually become unable to identify new types of network attacks, and they also struggle to perform comprehensive security inspection of open ports. These deficiencies weaken network security protection. How to develop an effective network intrusion detection method in the context of big data therefore remains a topic of active concern and discussion in the industry.

From the perspective of detection technology, network traffic intrusion detection can be divided into feature-based detection and anomaly-based detection. Compared with feature-based methods, anomaly-based intrusion detection does not rely on an existing signature knowledge base; it adapts well to new intelligent attack behavior and can effectively detect unknown network attacks. Anomaly-based intrusion detection is therefore the current research focus. With the development of artificial intelligence, more and more researchers are trying to combine machine learning with anomaly-based intrusion detection. Using the computing power of neural network models, intrusion detection systems can extract features from massive network traffic to train the model. Traditional machine learning methods usually require manual feature extraction, which is a relatively shallow form of learning. As the volume of network traffic grows rapidly and its data structure becomes more complex, traffic features become more complex, more diverse, and higher-dimensional. Manual feature extraction cannot keep up with the big data era.

To solve these problems, this paper proposes CNN-SVDD, a distributed malicious traffic detection method based on deep learning. First, network traffic is processed to generate grayscale images. A convolutional neural network (CNN), which has made outstanding contributions in the field of image recognition, is then used to extract features from the traffic grayscale images, learn the internal regularities and hierarchical representations of network traffic data, and map the samples to a high-dimensional feature space. Finally, the outlier detection algorithm support vector data description (SVDD) is used to find an optimal hypersphere that contains most of the samples in the high-dimensional space. The trained hypersphere encloses normal traffic and isolates abnormal traffic, which is how malicious traffic is detected.

This paper evaluates the work on a public data set. The experimental results show that the CNN-SVDD model removes the need for manual feature extraction that traditional machine learning imposes on intrusion detection, and that it recognizes new types of attacks better. This paper also uses TensorFlowOnSpark (TFOS) to deploy the model to a Spark cluster on a big data platform, using Hadoop's distributed file system HDFS to distribute and store large data sets, and trains the CNN-SVDD model with data parallelism through Spark's resilient distributed datasets (RDDs). The final experimental results further verify the adaptability of the CNN-SVDD model to the big data environment.
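
An added sketch of the pipeline described above (not the paper's code): flow bytes become a grayscale image, features are extracted from it, and a hypersphere fitted on normal traffic flags whatever falls outside. The image size, the block-mean `embed` function standing in for the CNN, the mean-and-quantile hypersphere standing in for the SVDD optimization, and all function names and sample flows are assumptions made for illustration.

```python
import math
import random

SIDE = 16  # assumed image side (multiple of 4); the abstract gives no image size

def flow_to_image(payload, side=SIDE):
    """Truncate or zero-pad a flow to side*side bytes; each byte is one grey pixel."""
    buf = payload[:side * side].ljust(side * side, b"\x00")
    return [list(buf[r * side:(r + 1) * side]) for r in range(side)]

def embed(image):
    """Stand-in for the CNN feature extractor: mean of each 4x4 block, in [0, 1]."""
    feats = []
    for r in range(0, len(image), 4):
        for c in range(0, len(image), 4):
            block = [image[r + i][c + j] for i in range(4) for j in range(4)]
            feats.append(sum(block) / (16 * 255))
    return feats

def fit_hypersphere(features, keep=0.95):
    """Simplified SVDD: centre = mean feature vector, radius encloses `keep` of them."""
    dim = len(features[0])
    center = [sum(f[d] for f in features) / len(features) for d in range(dim)]
    dists = sorted(math.dist(f, center) for f in features)
    radius = dists[math.ceil(keep * len(dists)) - 1]
    return center, radius

def is_anomalous(payload, center, radius):
    """A flow is flagged when its embedding falls outside the hypersphere."""
    return math.dist(embed(flow_to_image(payload)), center) > radius

def constructed_normal_flows(n=200, seed=0):
    """Constructed sample data: text-like request bytes, not real captured traffic."""
    rng = random.Random(seed)
    alphabet = b"abcdefghijklmnopqrstuvwxyz0123456789"
    return [b"GET /item?id=" + bytes(rng.choice(alphabet) for _ in range(243))
            for _ in range(n)]

def demo():
    normal = constructed_normal_flows()
    center, radius = fit_hypersphere([embed(flow_to_image(p)) for p in normal])
    inside = sum(not is_anomalous(p, center, radius) for p in normal)
    binary_blob = bytes(range(256))  # constructed non-text payload
    return inside, radius, is_anomalous(binary_blob, center, radius)

if __name__ == "__main__":
    print(demo())
```

Training only on normal flows is what lets the boundary flag traffic it has never seen; the `keep` fraction trades false alarms on normal traffic against how tightly the sphere wraps it.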