Research And Implementation Of Cyber Abnormal Detection Technology Based On Deep Learning

With the development and improvement of global network infrastructure and the rapid development of Internet technology on top of it,the Internet has become the main driving force for global economic growth.It can be said that modern human society is inseparable from the great convenience brought by network technology.In view of the increasingly large threat intelligence data of network users,how to reasonably analyze and study the threat intelligence will become the top priority of the social trust system and active security defense in the new era.In response to this problem,we propose an cyber abnormal detection method based on deep autoencoding convolutional network and apply detection based on two-dimensional convolutional network model.At the same time,an abnormal traffic detection system based on the above methods is implemented.The main contributions of this paper are as follows:(1)This paper proposes a novel neural network structure based on deep autoencoder and two-dimensional convolutional neural network:DACNN.The neural network model is a high-performance intrusion detection classifier model,which can deeply mine abnormal traffic characteristics without relying on specific rules,and efficiently perform network abnormal traffic detection with generalization ability.(2)This paper first applies DACNN and depth from the Gaussian mixed model in the field of network abnormal flow detection.In this paper,it is experimentally proved that the dimensionality reduction information generated by the deep autoencoder contains effective classification information.This model improves the ability of neural network models to extract abstract features of network traffic data,and proves that the dimensionality reduction information obtained from the autoencoder contains important classification information.(3)This article designed and implemented a network intrusion detection system based on two-dimensional consolidation neural network and DACNN.The system is divided into network data collection modules,host data collection modules,rule matching detection modules,network traffic detection modules,database modules,query modules,system management modules.