Network data anomaly detection combined with hybrid feature selection and Transformer

被引:0
作者
Xiang, Siyu [1 ,2 ]
Liu, Caiming [1 ,2 ,3 ]
机构
[1] School of Computer Science and Software Engineering, Southwest Petroleum University, Chengdu
[2] School of Electronic Information and Artificial Intelligence, Leshan Normal University, Leshan
[3] Intelligent Network Security Detection and Evaluation Laboratory, Leshan Normal University, Leshan
来源
Dianzi Keji Daxue Xuebao/Journal of the University of Electronic Science and Technology of China | 2025年 / 54卷 / 03期
关键词
anomaly detection; hybrid feature selection; mutual information; random forest; self-attention mechanism;
D O I
10.12178/1001-0548.2024083
中图分类号
学科分类号
摘要
The intelligent learning method plays a crucial role in network data anomaly analysis. However, traditional intelligent anomaly analysis methods often struggle to strike a balance among the interpretability of network data analysis results, the consumption of computing resources for anomaly analysis, and the accuracy of analyzing network data stream sequences. To address these challenges, a novel network data flow anomaly detection model combining hybrid feature selection and Transformer is proposed. This model conducts data preprocessing via a hybrid feature selection method and performed anomaly detection based on an enhanced Transformer model. A hybrid feature selection algorithm, utilizing both tree models and mutual information, is employed to reduce the dimensionality of network data features. The encoder part of the Transformer serves as the core of the classification task, and convolution operations are integrated to enhance the local perception ability of network data stream sequences. Classification is then performed using a classification header. The proposed method has been simulated and validated using the publicly available intrusion detection dataset CICIDS2017. Experimental results demonstrate that the proposed model effectively detects network data flow anomalies, outperforming intrusion detection methods based on neural networks. © 2025 University of Electronic Science and Technology of China. All rights reserved.
引用
收藏
页码:442 / 454
页数:12
相关论文
共 26 条
[1]  
JURCUT A, NICULCEA T, RANAWEERA P, Et al., Security considerations for Internet of Things: A survey, SN Computer Science, 1, 4, (2020)
[2]  
ALAM T., A reliable communication framework and its use in internet of things (IoT), International Journal of Scientific Research in Computer Science, Engineering and Information Technology, 3, 5, pp. 450-456, (2018)
[3]  
FERRAG M A, MAGLARAS L, MOSCHOYIANNIS S, Et al., Deep learning for cyber security intrusion detection: Approaches, datasets, and comparative study, Journal of Information Security and Applications, 50, (2020)
[4]  
SRIVASTAVA G, JHAVERI R H, BHATTACHARYA S, Et al., XAI for cybersecurity: State of the art, challenges, open issues and future directions
[5]  
YAO Y P, SU L Y, LU Z G., DeepGFL: Deep feature learning via graph for attack detection on flow-based network traffic, Proceedings of the 2018 IEEE Military Communications Conference, pp. 579-584, (2018)
[6]  
GU J, LU S., An effective intrusion detection approach using SVM with naïve Bayes feature embedding, Computers & Security, 103, (2021)
[7]  
PANIGRAHI R, BORAH S, BHOI A K, Et al., A consolidated decision tree-based intrusion detection system for binary and multiclass imbalanced datasets, Mathematics, 9, 7, (2021)
[8]  
VERKERKEN M, D'HOOGE L, SUDYANA D, Et al., A novel multi-stage approach for hierarchical intrusion detection, IEEE Transactions on Network and Service Management, 20, 3, pp. 3915-3929, (2023)
[9]  
MIRSKY Y, DOITSHMAN T, ELOVICI Y, Et al., Kitsune: An ensemble of autoencoders for online network intrusion detection, Proceedings 2018 Network and Distributed System Security Symposium, (2018)
[10]  
ROOPAK M, GUI Y T, CHAMBERS J., Deep learning models for cyber security in IoT networks, Proceedings of the IEEE 9th Annual Computing and Communication Workshop and Conference, pp. 452-457, (2019)
123