| With the continuous growth of the scale of the Internet,the complexity of network structure,the diversification of network applications,and the threat of network security have presented new challenges to network management and application.In particular,the increasingly diverse ways of network attack have posed a serious threat to the security of cyberspace.Therefore,the security management of network traffic becomes very important.As an important part of network security management,the detection of network malicious traffic has become a hot topic in the field of network security.This thesis analyzes the current detection methods of network malicious traffic,aims to improve the detection efficiency of malicious traffic,effectively combines deep learning technology with network malicious traffic detection,improves the feature selection algorithm of network malicious traffic and network model structure respectively,and proposes a network malicious traffic detection method based on deep learning.It can effectively detect malicious traffic attacks on the network and guarantee the secure operation of the network.The main research contents of this thesis are as follows:1.An improved feature vector extraction algorithm based on information entropy and whale optimization algorithm is proposed.Aiming at the problem that the characterization ability of the network malicious traffic feature vector extracted by traditional methods is not strong,this method extracts the network malicious traffic feature vector by improving the existing network state information entropy calculation method and integrating the improved whale optimization algorithm.After several iterations,redundant attributes are gradually eliminated,and the most stable attribute set is found as the feature vector for detection.Through comparative analysis of experiments,the detection accuracy is better than PCA,LDA,SVD and other extraction methods,which effectively improves the characterization ability of network malicious traffic feature vectors.2.A CNN-GRU malicious traffic detection model based on IWOA feature selection is proposed.Aiming at the problems such as poor accuracy and efficiency of traditional detection methods caused by temporal and spatial characteristics of malicious traffic,based on the extraction of IWOA feature vector,the automatic extraction of temporal and spatial characteristics of malicious traffic after feature extraction was carried out again by improving the combination of convolutional neural network and gated recurrent unit.Double crossconvolutional neural networks and gated recurrent units are used to construct the model.After the convolution operation,gated recurrent units are used to extract the time features of the data,so as to prevent feature loss caused by re-convolution and shorten the convergence time of the model.The experimental results show that compared with CNN,LSTM and CNN+LSTM,the proposed method has better accuracy,recall rate and F1 value on three kinds of data sets,and reduces the time complexity while improving the detection accuracy.3.A CNN-Bi GRU-PRLU malicious traffic detection method based on attention is proposed.To solve the problem that the convolutional neural network cannot focus on the local area and the gated recurrent unit cannot reverse transfer the timing features,resulting in low detection performance,the attention mechanism is integrated with the convolutional neural network to make CNN focus on important features and use the bidirectional gated recurrent unit to reverse transfer the timing features of malicious traffic,meanwhile,PRLU activation function was used to enhance the nonlinear fitting ability of the model.Experimental results show that,compared with detection methods such as CNN-GRU,ACNN-GRU and CNNBi GRU,the proposed method can focus local features more effectively while transmitting time sequence features in reverse,and improve the detection performance of time-dependent malicious traffic. |
PDF Full Text Request