High-performance network attack detection in unknown scenarios based on improved vertical model

In the field of cybersecurity, most research on unknown attack detection still faces challenges such as low detection accuracy, slow detection speed, and imprecise category identification. Therefore, we propose the first combination of vertical language models with unknown scenario attack detection to predict binary and multi-class attacks. Two improved architectures based on the SecureBERT vertical model are built into our method: the fine-tuned FTSecureBert and the lightweight BLWSecureBert. The evaluation results show that our fine-tuned FTSecureBert outperforms the other comparative algorithms. In the binary unknown scenario, only 1% of the False Positive Rate (FPR) is produced. Furthermore, our lightweight BLWSecureBert model reduces the number of parameters by approximately 3.3 times compared to the original, Compared with the other two lightweight models, BLWSecureBert is better considering category prediction, and Matthews Correlation Coefficient (MCC). Moreover, our method offers an efficient evaluation for unbalanced intrusion detection and effectively avoids several pitfalls.