Network Intrusion Detection Method Based On Data Augmentation And Multi-scale Convolutional Neural Network

In recent years,with the swift advancement of computer networks,the severity of network security concerns has escalated.Frequent network attacks have had a great impact on social development and production.As a fundamental technology for safeguarding network security,intrusion detection has the ability to detect and differentiate malicious threats present in the network,thereby providing stable services for intricate network environments.However,network traffic typically exhibits high-dimensional features,and there is a wide range of intrusion traffic types.Consequently,intrusion detection methods based on statistics and traditional machine learning often encounter challenges such as high computational costs and inaccurate classification.Meanwhile,the captured network attack traffic usually includes multiple types,and due to the imbalance in the dataset,there is a problem of low detection rate for minority class network attacks.To tackle the above issues,this article proposes the following main work:1.To address the problem of imbalanced data sample distribution,this article proposes a data augmentation approach relies on Conditional Generative Adversarial Networks(Conditional Generative Adversarial Network,CGAN).The generator and discriminator of the CGAN network are trained using the original imbalanced dataset,and then the class encoding vectors of the minority class samples are used as guidance conditions to direct the generator’s output and generate minority class samples.Experimental results on the UNSW-NB15 and CIC-IDS2017 datasets show that this method can significantly expand the dataset,and improve the detection rate of minority class samples.2.To address the difficulty in training high-dimensional feature data of network traffic,this article proposes a data dimensionality reduction method based on an improved Deep Sparse Autoencoder(DSAE).First,a self-attention mechanism is added to the DSAE model to improve the model’s ability to extract important features.Then,a Restricted Boltzmann Machine(RBM)is used as a pre-training module to initialize the model’s weights and avoid the problems of gradient vanishing and gradient explosion.Finally,the encoder of the model is employed to extract features and perform dimensionality reduction on high-dimensional and intricate data.Experimental results demonstrate that this dimensionality reduction method can extract network traffic sample features more efficiently than conventional dimensionality reduction techniques..3.To address the problem of low accuracy of classification model,combined with data balance and data reduction method,an multi-scale convolutional neural network(RESMSCNN)model based on residual strategy was constructed,and a network intrusion detection method based on CGAN-DSAE-RESMSCNN was proposed.Simulation experiments are conducted on the CIC-IDS2017 and UNSW-NB15 datasets,and the intrusion detection performance is evaluated using metrics such as accuracy,macro-precision,macro-recall,and macro-F1 score.The experimental results show that the proposed method can effectively classify different types of traffic samples on different datasets and significantly improve the detection rate of minority class samples.The performance metrics achieved on the CIC-IDS2017 and UNSW-NB15 datasets surpass those of other traditional methods,thus demonstrating the effectiveness and superiority of the proposed method.