Network Traffic Anomaly Detection Model Based on Feature Reduction and Bidirectional LSTM Neural Network Optimization

4区计算机科学 Q3 Computer Science Scientific Programming Pub Date : 2023-11-03 DOI:10.1155/2023/2989533

Hanqing Jiang, Shaopei Ji, Guanghui He, Xiaohu Li

{"title":"Network Traffic Anomaly Detection Model Based on Feature Reduction and Bidirectional LSTM Neural Network Optimization","authors":"Hanqing Jiang, Shaopei Ji, Guanghui He, Xiaohu Li","doi":"10.1155/2023/2989533","DOIUrl":null,"url":null,"abstract":"Aiming at the problems of large data dimension, more redundant data, and low accuracy in network traffic anomaly detection, a network traffic anomaly detection model (FR-APPSO BiLSTM) based on feature reduction and bidirectional long short-term memory (LSTM) neural network optimization is proposed. First, the feature dimensions are divided by hierarchical clustering according to the similarity distance between data features, and the features with high correlation are divided into the same feature subset. Second, an automatic encoder is used to reduce each feature subset, eliminating redundant information, and reducing the computational complexity of the detection data. Then, a particle swarm optimization algorithm based on adaptive updating of variables and dynamic adjustment of parameters (APPSO) is proposed, which is used to optimize the parameters of the bidirectional LSTM neural network (BiLSTM). Finally, the optimized BiLSTM is used as a classifier to model network traffic anomaly detection using the reduced feature data. Experiments based on NSL-KDD, UNSW-NB15, and CICIDS-2017 datasets show that the proposed FR-APPSO-BiLSTM model can effectively reduce data features, improve the accuracy of detection, and the performance of network traffic anomaly detection.","PeriodicalId":22091,"journal":{"name":"Scientific Programming","volume":"117 3‐4","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Scientific Programming","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1155/2023/2989533","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"Computer Science","Score":null,"Total":0}

引用次数: 0

Abstract

Aiming at the problems of large data dimension, more redundant data, and low accuracy in network traffic anomaly detection, a network traffic anomaly detection model (FR-APPSO BiLSTM) based on feature reduction and bidirectional long short-term memory (LSTM) neural network optimization is proposed. First, the feature dimensions are divided by hierarchical clustering according to the similarity distance between data features, and the features with high correlation are divided into the same feature subset. Second, an automatic encoder is used to reduce each feature subset, eliminating redundant information, and reducing the computational complexity of the detection data. Then, a particle swarm optimization algorithm based on adaptive updating of variables and dynamic adjustment of parameters (APPSO) is proposed, which is used to optimize the parameters of the bidirectional LSTM neural network (BiLSTM). Finally, the optimized BiLSTM is used as a classifier to model network traffic anomaly detection using the reduced feature data. Experiments based on NSL-KDD, UNSW-NB15, and CICIDS-2017 datasets show that the proposed FR-APPSO-BiLSTM model can effectively reduce data features, improve the accuracy of detection, and the performance of network traffic anomaly detection.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

基于特征约简和双向LSTM神经网络优化的网络流量异常检测模型

针对网络流量异常检测中存在的数据维数大、数据冗余多、准确率低等问题，提出了一种基于特征约简和双向长短期记忆(LSTM)神经网络优化的网络流量异常检测模型FR-APPSO BiLSTM。首先，根据数据特征之间的相似距离对特征维度进行分层聚类划分，将相关度较高的特征划分到同一特征子集中;其次，使用自动编码器对每个特征子集进行约简，消除冗余信息，降低检测数据的计算复杂度;然后，提出了一种基于变量自适应更新和参数动态调整的粒子群优化算法(APPSO)，并将其用于双向LSTM神经网络(BiLSTM)的参数优化。最后，将优化后的BiLSTM作为分类器，利用约简后的特征数据对网络流量异常检测进行建模。基于NSL-KDD、UNSW-NB15和CICIDS-2017数据集的实验表明，本文提出的FR-APPSO-BiLSTM模型可以有效地减少数据特征，提高检测精度，提高网络流量异常检测性能。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Scientific Programming 工程技术-计算机：软件工程

自引率

0.00%

发文量

1059

审稿时长

>12 weeks

期刊介绍： Scientific Programming is a peer-reviewed, open access journal that provides a meeting ground for research results in, and practical experience with, software engineering environments, tools, languages, and models of computation aimed specifically at supporting scientific and engineering computing. The journal publishes papers on language, compiler, and programming environment issues for scientific computing. Of particular interest are contributions to programming and software engineering for grid computing, high performance computing, processing very large data sets, supercomputing, visualization, and parallel computing. All languages used in scientific programming as well as scientific programming libraries are within the scope of the journal.