Research On Network Security Situation Assessment Based On Deep Learning

Network information technology is just unfolding at present.Many businesses which in order to follow the pace of digital technology have embarked on the transformation.They use innovative technologies to apply to traditional facilities and work processes.Enterprise transition means that the scale of network information is gradually expanding.The diversity and complexity of security data make traditional defence systems and control measures face a severe test.At the same time,the magnitudes of covert and targeted advanced persistent threats continue to increase.Under these kinds of new situations and new challenges,network security situation assessment emerges as the times require.It can establish all-weather,multi-layered,and specialized protections.And it can monitor the development of the network in real time to minimize potential threats.Aiming at deficiencies of the feature extraction and adaptive ability in the extraction of network security factors,an improved feature dimension reduction(DSAE)is proposed.And using the CIC-IDS2017 dataset for experiments.Firstly,data preprocessing is performed on the dataset.The content includes data cleaning,imbalance processing,and data normalization.Secondly,the module of DSAE designs a Sparse Auto-Encoder(SAE)based on Directed Acyclic Graph(DAG)structure to solve the data dimension reduction problem.It differentiates features of each attack type by the hierarchical classification method.Reducing the dimension of each attack class layer-by-layer and using the data fusion method.Finally,strong correlation features are obtained.Then the sample data is acquired through image processing to provide a better initial point for the subsequent work.The extraction of network security factors based on DSAE can mine the strong correlation features,it achieves an accuracy of 99.5%.Considering the question of parametric optimization,low computational accuracy and premature convergence on the reference function make Slime Mould Algorithm(SMA)easy to fall into local optimum.The thesis proposes an improved SMA(TBSMA)based on tangent flight operator and probability distribution.The tangent flight operator is added into the position update formula of SMA.It is characterized by an adaptive variable step size,which can effectively improve the search ability.By adding a parameter generated by probability distribution into the calculation formula of parameter (8,the ability of the algorithm to jump out of local optimum is enhanced.Finally,the 30 benchmark functions in CEC-2017 and two practical engineering problems are used to test the performance of TBSMA.The results of experiments show that TBSMA has a strong optimization ability to compare with other algorithms.Aiming at network security situation assessment,on the basis of in-depth analysis of the security factor extraction,TBSMA is introduced into Convolutional Neural Networks(CNN)situation evaluation model in the thesis to solve the problem of parameter configuration.Using TBSMA algorithm in TBSMA-CNN model to select independently the best CNN structure without the guidance of experience.In the meantime,the network security situation value is obtained according to the situation quantitative index.The results of experiments show that TBSMA-CNN model is highly consistent with the physical truth,its rmse is 0.198.Compared with other models,it is reduced.