Computer Science

Computer Science ›› 2024, Vol. 51 ›› Issue (11A): 231100106-9.doi: 10.11896/jsjkx.231100106

• Information Security • Previous Articles     Next Articles

Study on Malicious Traffic Classification Algorithm Based on CNN Combined with BiGRU

YANG Yongping1, WANG Siting2   

  1. 1 School of Information Technology,Beijing Normal University,Zhuhai,Zhuhai,Guangdong 519087,China
    2 National Key Laboratory of Mobile Security,Beijing University of Posts and Telecommunications,Beijing 100876,China
  • Online:2024-11-16 Published:2024-11-13
  • About author:YANG Yongping,born in 1980,master,lecturer.His main research interests include network security and machine learning.
  • Supported by:
    Project of Department of Education of Guangdong Province(2020KTSCX175) and Beijing Normal University Zhuhai Campus Teaching and Research Project(202041).

PDF (PC)

185

Abstract: Network intrusion detection is an important network security technology,malicious traffic recognition and classification is the basis of network intrusion detection.In the current network environment,port detection technology,deep packet detection technology,and feature engineering machine learning algorithm detection technology for malicious traffic identification and classification have failed or are not easy to implement.This paper proposes a malicious traffic recognition classification algorithm model CNNBiGRU,which combines convolutional neural network and bidirectional gated recurrent unit.CNNBiGRU uses convolutional neural network CNN to extract network flow structure features and spatial features,and uses bidirectional gated recurrent unit BiGRU to extract sequence features,which is consistent with the characteristics of network flow with both spatial structure and sequence features.Tests and model optimization and parameter selection are performed on the CIC-IDS2017 dataset.The experimental results show that the proposed algorithm has certain advantages in classification effect and no feature engineering is required compared with the classical machine learning algorithm,and also has better recognition effect compared with the single-neural network algorithm.Compared with the fusion neural network algorithm,it maintains the same high detection result and has a little advantage in the number of learning iterations under the same accuracy target measurement.

Key words: Malicious trafficclassification, Deep learning, Convolutional neural network, Bidirectional gated recurrent unit

CLC Number: 

  • TP391
[1]China Internet Network Security Report 2020 [R].https://www.cert.org.cn/publish/main/upload/File/2020%20Annual%20Report.pdf.
[2]MOORE A W,PAPAGIANNAKI K.Toward the accurate identification of network ap-plications[C]//PAM 2005:Proceedings of the 2005 International Workshop on Passive and Active Network Measurement,LNCS 3431.Berlin:Springer,2005:41-45.
[3]GU Y,LI D,GAO K G.Research on Network traffic Classifica-tion based on Machine Learning and Deep Learning[J].Telecommunication Science,2021,37(3):105-113.
[4]KONG L,HUANG G,WU K,Identification of Abnormal Network Traffic Using Support Vector Machine[C]//2017 18th International Conference on Parallel and Distributed Computing,Applications and Technologies(PDCAT).2017:288-292.
[5]IMAN S,LASHKARI H,GHORBANI A,et al.Toward Gene-rating a New Intrusion Detection Dataset and Intrusion Traffic Characterization[C]//International Conference on Information Systems Security and Privacy.2018:108-116.
[6]LECUN Y,BOTTOU L,BENGIO Y,et al.Gradient-basedlearning applied to document recognition[J].Proceedings of the IEEE,1998,86(11):2278-2324.
[7]GRAVES A,MOHAMED A R,HINTON G E.Speech recognition with deep recurrent neural networks[C]//2013 IEEE International Conference on Acoustics,Speech and Signal Processing.2013:6645-6649.
[8]REZAEI S,LIU X.Deep learning for encrypted traffic classification:An overview[J].IEEE Communications Magazine,57(5):2019:76-81.
[9]LOTFOLLAHI M,JAFARI SIAVOSHANI M,SHIRALIHOSSEIN ZADE R,et al.Deep packet:a novel approach for encrypted traffic classification using deep learning[J].Soft Computing,2020,24(3):1999-2012.
[10]LOPEZ-MARTIN M,CARRO B,SANCHEZ-ESGUEVILLASA,et al.Network traffic classifier with convolutional and recurrent neural networks for Internet of Things[J].IEEE Access,2017(5):18042-18050.
[11]WANG W,ZHU M,ZENG X W,et al.Malware traffic classification using convolutional neural network for representation learning[C]//2017 International Conference on Information Networking(ICOIN).Da Nang,Vietnam,2017:712-717.
[12]CIREGAN D,MEIER U,SCHMIDHUBER J.Multi-columndeep neural networks for image classification[C]//2012 IEEE Conference on Computer Vision and Pattern Recognition.Providence,RI,USA,2012:3642-3649.
[13]LECUN Y,JACKEL L D,BOTTOU L,et al.Learning Algorithms for Classification:A Comparison on Handwritten Digit Recognition[C]//Neural Networks:The Statistical Mechanics Perspective.1995.
[14]WANG W,SHENG Y Q,WANG J L,et al.HAST-IDS:Learning Hierarchical Spatial-Temporal Features Using Deep Neural Networks to Improve Intrusion Detection[J].IEEE Access,2018(6):1792-1806.
[15]LIU Y F,CAI S,YANG H X,et al.Network Intrusion Detection Method Integrating CNN and BiLSTM [J].Computer Engineering,2019,45(12):127-133.
[16]DENG X,LIU Z H,OUYANG Y,et al.Identification of encrypted Malicious traffic based on CNN CBAM-BiGRU Attention [J].Computer Engineering,2023,49(11):178-186.
[17]PACHECO F,EXPOSITO E,GINESTE M,et al.Towards the Deployment of Machine Learning Solutions in Network Traffic Classification:A Systematic Survey[J].IEEE Communications Surveys & Tutorials,Secondquarter 2019,21(2):1988-2014.
[18]ZHOU F Y,JIN L P,DONG J.Review of Convolutional neural network [J].Chinese Journal of Computers,2017,40(6):1229-1251.
[19]HOCHREITER S,SCHMIDHUBER J.Long short-term memory[J].arXiv:1412.3555,2014.
[20]CHUNG J Y,GULCEHRE C,CHO K,et al.Empirical Evaluation of Gated Recurrent Neural Networks on Sequence Modeling[J]arXiv:1412.3555,2014.
[21]OYELAKIN A,AMEEN A O,OGUNDELE T S,et al.Overview and Exploratory Analyses of CICIDS 2017 Intrusion Detection Dataset[J/OL].https://api.semanticscholar.org/CorpusID:262063000.
[22]MASEER Z K,YUSOF R,BAHAMAN N,et al.Benchmarking of Machine Learning for Anomaly Based Intrusion Detection Systems in the CICIDS2017 Dataset[J].IEEE Access,2021(9):22351-22370.
[1] DU Yu, YU Zishu, PENG Xiaohui, XU Zhiwei. Padding Load:Load Reducing Cluster Resource Waste and Deep Learning Training Costs [J]. Computer Science, 2024, 51(9): 71-79.
[2] XU Jinlong, GUI Zhonghua, LI Jia'nan, LI Yingying, HAN Lin. FP8 Quantization and Inference Memory Optimization Based on MLIR [J]. Computer Science, 2024, 51(9): 112-120.
[3] SUN Yumo, LI Xinhang, ZHAO Wenjie, ZHU Li, LIANG Ya’nan. Driving Towards Intelligent Future:The Application of Deep Learning in Rail Transit Innovation [J]. Computer Science, 2024, 51(8): 1-10.
[4] KONG Lingchao, LIU Guozhu. Review of Outlier Detection Algorithms [J]. Computer Science, 2024, 51(8): 20-33.
[5] TANG Ruiqi, XIAO Ting, CHI Ziqiu, WANG Zhe. Few-shot Image Classification Based on Pseudo-label Dependence Enhancement and NoiseInterferenceReduction [J]. Computer Science, 2024, 51(8): 152-159.
[6] XIAO Xiao, BAI Zhengyao, LI Zekai, LIU Xuheng, DU Jiajin. Parallel Multi-scale with Attention Mechanism for Point Cloud Upsampling [J]. Computer Science, 2024, 51(8): 183-191.
[7] ZHANG Junsan, CHENG Ming, SHEN Xiuxuan, LIU Yuxue, WANG Leiquan. Diversified Label Matrix Based Medical Image Report Generation [J]. Computer Science, 2024, 51(8): 200-208.
[8] GUO Fangyuan, JI Genlin. Video Anomaly Detection Method Based on Dual Discriminators and Pseudo Video Generation [J]. Computer Science, 2024, 51(8): 217-223.
[9] CHEN Siyu, MA Hailong, ZHANG Jianhui. Encrypted Traffic Classification of CNN and BiGRU Based on Self-attention [J]. Computer Science, 2024, 51(8): 396-402.
[10] YANG Heng, LIU Qinrang, FAN Wang, PEI Xue, WEI Shuai, WANG Xuan. Study on Deep Learning Automatic Scheduling Optimization Based on Feature Importance [J]. Computer Science, 2024, 51(7): 22-28.
[11] LI Jiaying, LIANG Yudong, LI Shaoji, ZHANG Kunpeng, ZHANG Chao. Study on Algorithm of Depth Image Super-resolution Guided by High-frequency Information ofColor Images [J]. Computer Science, 2024, 51(7): 197-205.
[12] SHI Dianxi, GAO Yunqi, SONG Linna, LIU Zhe, ZHOU Chenlei, CHEN Ying. Deep-Init:Non Joint Initialization Method for Visual Inertial Odometry Based on Deep Learning [J]. Computer Science, 2024, 51(7): 327-336.
[13] FAN Yi, HU Tao, YI Peng. Host Anomaly Detection Framework Based on Multifaceted Information Fusion of SemanticFeatures for System Calls [J]. Computer Science, 2024, 51(7): 380-388.
[14] GAN Run, WEI Xianglin, WANG Chao, WANG Bin, WANG Min, FAN Jianhua. Backdoor Attack Method in Autoencoder End-to-End Communication System [J]. Computer Science, 2024, 51(7): 413-421.
[15] HUANG Haixin, CAI Mingqi, WANG Yuyao. Review of Point Cloud Semantic Segmentation Based on Graph Convolutional Neural Networks [J]. Computer Science, 2024, 51(6A): 230400196-7.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.