Research On Malicious Traffic Detection And Classification Method Based On Improved DCGAN

With the rapid development of network technology and the continuous growth of the scale of netizens,the Internet has become an indispensable infrastructure for people.However,in the field of network space security,there are various security hazards,which will inevitably bring a big impact on our lives.Malicious flow detection is an important method of current anti-network security issues,it is increasingly favored by researchers.So far,Chinese and foreign research scholars have proposed many different malicious flow detection methods.Among them,the malicious flow detection method based on the learning algorithm is the most mainstream.However,most of the current malicious traffic detection methods are carried out under the machine learning algorithm,and their detection performance and classification performance are largely dependent on feature selection or listening to expert experience.Moreover,in the disclosed malicious flow sample data concentration,the phenomenon of malicious flow samples is very obvious,which is very easy to cause malicious flow detection model training inadequate training,which in turn leads to a decrease in detection performance and classification performance.So how to avoid cumbersome feature projects,and in the absence of malicious samples,the malicious flow detection model reaches high detection performance and classification effect is still an urgent problem.In recent years,the successful application of deep learning algorithms in the field of NLP and CV has provided new ideas for researchers in the field of malicious traffic detection.Given the above problems,this paper introduces a deep learning algorithm for the detection of malicious traffic.The main contributions are as follows:1.Given the problem that there are few malicious samples in the existing network traffic datasets,this paper starts from the idea of sample enhancement and uses deep convolutional adversarial networks to enhance malicious traffic samples.And in the process of sample enhancement,considering that the generated samples may have poor quality,this paper uses the upper confidence interval algorithm(UCT)in reinforcement learning to screen the quality of new samples.This part proposes a malicious traffic sample generation model UCT-DCGAN based on an improved deep convolutional adversarial network.It takes the HTTPS encrypted protocol traffic as the research object and aims to solve the inconsistency of the data set in the training process of the encrypted traffic detection model at the data level.balance issue.2.Aiming at the problem that the existing deep convolutional adversarial network’s classifier can only perform binary classification and cannot achieve refined classification in malicious traffic detection,a new fusion model DCGAN＿1D-CNN is proposed.Compared with the general one-dimensional convolutional neural network classifier,this model can automatically extract features from the original traffic samples and learn its data distribution from the training samples to obtain new samples.The best-generated samples and the original samples are used as the input of1D-CNN to achieve the purpose of multi-classification and greatly reduce the time cost of training.