With the continuous development of the Internet, network activity is increasing day by day in daily life, and the scale of traffic is constantly expanding. However, the complex network environment has led to increasingly frequent network attacks and hacker intrusions, and network attacks have become diverse, covert, and complex, posing a huge threat to the security of cyberspace. How to accurately and effectively detect malicious traffic in complex network environments is currently a serious problem facing researchers. Therefore, this thesis aims to efficiently identify malicious traffic in the network through a series of research methods targeting the characteristics of malicious traffic.

In the field of malicious traffic detection, traditional classification methods suffer from low detection efficiency because today's malicious attacks are concealed. Machine learning methods are also unable to adapt to complex network environments because they rely excessively on professionals to design traffic features. In contrast, deep learning methods have become an effective way to detect malicious traffic in complex and ever-changing network environments, because they automatically read and analyze data through connections between neurons and thereby capture deep-level features. However, most current traffic detection models rely on the statistical information of traffic for analysis and ignore the semantic information and correlation characteristics of traffic, which makes the detection results not accurate enough. Based on this, this thesis studies the semantic and structural correlation of network traffic, proposes two malicious traffic detection methods, and designs a prototype system. The main work of this thesis is as follows:

1. To address the problem that existing mainstream malicious traffic detection methods do not fully consider the semantic information of network traffic, this thesis proposes a malicious network traffic detection method based on a Bidirectional Temporal Convolutional Network (BiTCN). In the model training phase, the Exponential Linear Unit (ELU) activation function replaces the Rectified Linear Unit (ReLU) activation function to avoid the reduced detection accuracy caused by the "death" of neurons, and the original one-way model is improved to a two-way model to extract the two-way semantic fusion features of network traffic. The proposed BiTCN model achieved good detection results on network traffic datasets.

2. A malicious traffic detection method based on Graph ATtention networks-Decision Tree (GAT-DT) is proposed to address the insufficient detection accuracy that results when existing malicious traffic detection methods neglect the structural characteristics of traffic. This method analyzes the spatial characteristics of traffic, obtains the topological structure of traffic data through Graph Convolutional Neural networks (GCN), captures traffic association features, and assigns higher weights to key features through a self-attention mechanism. A decision tree is then used for classification, which completes the detection of malicious traffic. Finally, the proposed method was tested and analyzed on a public dataset alongside various existing detection models, and the experimental results showed that the proposed method has high accuracy.

3. We have designed and implemented a malicious traffic detection system based on Bidirectional Temporal Convolutional Networks and Graph ATtention networks. The system is developed on a B/S architecture and is easy to operate online. It mainly consists of a system interface module, a data preprocessing module, a malicious traffic detection module, and a result analysis module. This system has achieved automated detection of malicious traffic and verified the effectiveness of the two proposed detection methods.
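The two BiTCN design choices named in item 1 can be seen on a single toy layer. The sketch below is an added example, not code from the thesis: the kernel, dilation, bias and the sample flow are assumed values, and the function names are hypothetical. It runs one dilated causal convolution over a flow in both directions and compares how many units still receive a gradient under ReLU and under ELU.

```python
import math

# Constructed sample: normalized packet lengths of one flow (not thesis data).
SEQ = [0.2, 0.9, 0.1, 0.8, 0.3, 0.7]
# Assumed layer parameters; the negative bias pushes every unit below zero.
KERNEL, DILATION, BIAS = [0.5, -0.25], 2, -1.0

def relu_grad(x):
    # ReLU passes no gradient once the pre-activation is <= 0 ("dead" unit).
    return 1.0 if x > 0 else 0.0

def elu_grad(x, alpha=1.0):
    # d/dx ELU(x) = 1 for x > 0, alpha * exp(x) otherwise (never exactly 0).
    return 1.0 if x > 0 else alpha * math.exp(x)

def causal_conv(seq, kernel, dilation, bias):
    # y[t] = bias + sum_k kernel[k] * seq[t - k*dilation], zero-padded on the left,
    # so y[t] only sees positions <= t.
    out = []
    for t in range(len(seq)):
        acc = bias
        for k, w in enumerate(kernel):
            i = t - k * dilation
            if i >= 0:
                acc += w * seq[i]
        out.append(acc)
    return out

def bi_tcn_preact(seq, kernel, dilation, bias):
    # Forward pass sees the past of each position; the backward pass runs the
    # same causal convolution on the reversed flow, so it sees the future.
    fwd = causal_conv(seq, kernel, dilation, bias)
    bwd = causal_conv(seq[::-1], kernel, dilation, bias)[::-1]
    return list(zip(fwd, bwd))  # fused (forward, backward) feature per position

def live_fraction(pre, grad):
    # Share of units, over both directions, that still receive a gradient.
    grads = [grad(v) for pair in pre for v in pair]
    return sum(1 for g in grads if g > 0) / len(grads)

if __name__ == "__main__":
    pre = bi_tcn_preact(SEQ, KERNEL, DILATION, BIAS)
    print("ReLU live units:", live_fraction(pre, relu_grad))
    print("ELU live units: ", live_fraction(pre, elu_grad))
```

Changing only the last packet of the flow alters the backward feature at earlier positions while the forward feature there stays the same, which is the extra context the two-way model adds.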