| 摘 要: 针对网络入侵检测模型特征提取算法复杂、训练参数过多、检测结果不理想等问题,提出一种改进卷积神经网络与长短期记忆网络结合的网络入侵检测方法(GCNN-LSTM)。首先,使用卷积神经网络对流量数据做特征选择,并选择全局池化层代替其中的全连接层;其次,结合长短期记忆网络强大的时间序列学习能力对改进卷积神经网络选择后的特征进行学习分类,以期在网络异常数据检测方面获得更好的效率和准确率。实验结果表明,提出的模型在UNSW-NB15数据集上有着较好的检测效果。在同等条件下,使用传统卷积神经网络的模型准确率为84.97%,训练时间为76.3 s;本模型准确率达到了88.96%,训练时间为61.1 s。 |
| 关键词: 卷积神经网络;LSTM;全局池化;网络入侵检测 |
|
中图分类号: TP393.8
文献标识码: A
|
| 基金项目: 重庆科技学院研究生科技创新项目(YKJCX2020816);重庆市高等教育教学改革研究项目(202078). |
|
| Research on Network Intrusion Detection Model based on Improved CNN-LSTM |
|
GE Jike, LIU Haoyin, LI Qingxia, CHEN Zuqin
|
(School of Intelligent Technology and Engineering, Chongqing University of Science and Technology, Chongqing 401331, China )
gjkweb@126.com; lhaoyin@qq.com; 690887086@qq.com; chenzuq81@163.com
|
| Abstract: Aiming at the problems of complex feature extraction algorithm, too many training parameters, and unsatisfactory detection results in the network intrusion detection model, this paper proposes a network intrusion detection method (GCNN-LSTM) combining improved convolutional neural network and long short-term memory (LSTM) network. Firstly, convolutional neural network is used to perform feature selection on the flow data, and its full connection layer is replaced by global pooling layer. Then, in view of its powerful time series learning ability, LSTM is used to learn and classify the features selected by the improved convolutional neural network, in order to obtain better efficiency and accuracy in network abnormal data detection. Experimental results show that the proposed model has a good detection effect on the UNSW-NB15 dataset. Under the same conditions, the accuracy of the model using the traditional convolutional neural network is 84.97%, and its raining time is 76.3 s, while the accuracy of the proposed model is 88.96%, and its training time is 61.1 s. |
| Keywords: convolutional neural network; LSTM; global pooling; network intrusion detection |
