The proposed GA-BiIndRNN model for malicious traffic detection in networks is divided into five parts, namely, the data input part of network traffic, the data preproces...
Abstract:
As time series data with internal correlation, network traffic data can be used for anomaly detection with Recurrent Neural Networks (RNNs) and their variants, but existing models are difficult to compute in parallel and are prone to exploding or vanishing gradients. To address this problem, we propose a Bidirectional Independent Recurrent Neural Network (BiIndRNN) with parallel computation and adjustable gradient, which can extract the bidirectional structural features of network traffic through forward and backward input and capture the spatial influence in the data flow. To establish the dependencies on the forward and backward moments of network traffic, a model combining Global Attention (GA) with BiIndRNN is proposed to pay more attention to the moments containing essential information. Taking the UNSW-NB15 dataset as the object, the GA expression of the network packet feature vector is derived, and feature fusion and loss calculation are performed for multiple fully connected layers. The experimental results show that, compared with traditional deep and shallow machine learning and other state-of-the-art technologies, our GA-BiIndRNN model converges faster; its accuracy, precision, and F1 scores are all above 99%, and its false positive rate (FPR) is close to 0.36%, so it can effectively identify normal and malicious network activities. These results provide a theoretical basis for the rapid implementation of protective measures.
Published in: IEEE Access (Volume: 10)