Deep Learning Network Intrusion Detection Based on Network Traffic

Network intrusion detection is an important protection tool after firewall, and intrusion detection algorithm is the core of intrusion detection system. The purpose of studying intrusion detection algorithm is to improve the detection rate of abnormal attacks and reduce the false positive rate. Deep learning is the first mock exam to deal with network data traffic. It does not make full use of the unique characteristics of network data when solving classification problems, and often shows the drawback of not fully summarizing the characteristics and limited generalization ability of specific data sets. The fusion of convolutional neural network and long-term and short-term memory network can fully extract the effective features of intrusion samples by mining the spatio-temporal features of all aspects of network data flow, especially the sequence of feature sequences retained by LSTM, which makes intrusion detection more accurate in classifying normal data and four kinds of abnormal data, Experiments show that CNN-LSTM model is more accurate and has excellent performance on UNSW-NB15 data set and NLS-KDD 99 data set.