MTC-NET: A Multi-Channel Independent Anomaly Detection Method for Network Traffic.

IF 3.4 3区 医学 Q1 ENGINEERING, MULTIDISCIPLINARY Biomimetics Pub Date : 2024-10-10 DOI:10.3390/biomimetics9100615
Xiaoyong Zhao, Chengjin Huang, Lei Wang
{"title":"MTC-NET: A Multi-Channel Independent Anomaly Detection Method for Network Traffic.","authors":"Xiaoyong Zhao, Chengjin Huang, Lei Wang","doi":"10.3390/biomimetics9100615","DOIUrl":null,"url":null,"abstract":"<p><p>In recent years, deep learning-based approaches, particularly those leveraging the Transformer architecture, have garnered widespread attention for network traffic anomaly detection. However, when dealing with noisy data sets, directly inputting network traffic sequences into Transformer networks often significantly degrades detection performance due to interference and noise across dimensions. In this paper, we propose a novel multi-channel network traffic anomaly detection model, MTC-Net, which reduces computational complexity and enhances the model's ability to capture long-distance dependencies. This is achieved by decomposing network traffic sequences into multiple unidimensional time sequences and introducing a patch-based strategy that enables each sub-sequence to retain local semantic information. A backbone network combining Transformer and CNN is employed to capture complex patterns, with information from all channels being fused at the final classification header in order to achieve modelling and detection of complex network traffic patterns. The experimental results demonstrate that MTC-Net outperforms existing state-of-the-art methods in several evaluation metrics, including accuracy, precision, recall, and F1 score, on four publicly available data sets: KDD Cup 99, NSL-KDD, UNSW-NB15, and CIC-IDS2017.</p>","PeriodicalId":8907,"journal":{"name":"Biomimetics","volume":"9 10","pages":""},"PeriodicalIF":3.4000,"publicationDate":"2024-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.ncbi.nlm.nih.gov/pmc/articles/PMC11506297/pdf/","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Biomimetics","FirstCategoryId":"5","ListUrlMain":"https://doi.org/10.3390/biomimetics9100615","RegionNum":3,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"ENGINEERING, MULTIDISCIPLINARY","Score":null,"Total":0}
引用次数: 0

Abstract

In recent years, deep learning-based approaches, particularly those leveraging the Transformer architecture, have garnered widespread attention for network traffic anomaly detection. However, when dealing with noisy data sets, directly inputting network traffic sequences into Transformer networks often significantly degrades detection performance due to interference and noise across dimensions. In this paper, we propose a novel multi-channel network traffic anomaly detection model, MTC-Net, which reduces computational complexity and enhances the model's ability to capture long-distance dependencies. This is achieved by decomposing network traffic sequences into multiple unidimensional time sequences and introducing a patch-based strategy that enables each sub-sequence to retain local semantic information. A backbone network combining Transformer and CNN is employed to capture complex patterns, with information from all channels being fused at the final classification header in order to achieve modelling and detection of complex network traffic patterns. The experimental results demonstrate that MTC-Net outperforms existing state-of-the-art methods in several evaluation metrics, including accuracy, precision, recall, and F1 score, on four publicly available data sets: KDD Cup 99, NSL-KDD, UNSW-NB15, and CIC-IDS2017.

查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
MTC-NET:网络流量的多通道独立异常检测方法。
近年来,基于深度学习的方法,尤其是那些利用 Transformer 架构的方法,在网络流量异常检测方面获得了广泛关注。然而,在处理高噪声数据集时,由于跨维度的干扰和噪声,将网络流量序列直接输入 Transformer 网络往往会大大降低检测性能。在本文中,我们提出了一种新型的多通道网络流量异常检测模型 MTC-Net,它降低了计算复杂度,并增强了模型捕捉长距离依赖关系的能力。具体做法是将网络流量序列分解为多个单维时间序列,并引入基于补丁的策略,使每个子序列都能保留本地语义信息。结合 Transformer 和 CNN 的骨干网络用于捕捉复杂模式,在最终分类头融合来自所有通道的信息,以实现复杂网络流量模式的建模和检测。实验结果表明,在四个公开数据集上,MTC-Net 在准确度、精确度、召回率和 F1 分数等多个评估指标上都优于现有的先进方法:这些数据集包括:KDD Cup 99、NSL-KDD、UNSW-NB15 和 CIC-IDS2017。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
Biomimetics
Biomimetics Biochemistry, Genetics and Molecular Biology-Biotechnology
CiteScore
3.50
自引率
11.10%
发文量
189
审稿时长
11 weeks
期刊最新文献
Brain-Inspired Architecture for Spiking Neural Networks. Explorative Binary Gray Wolf Optimizer with Quadratic Interpolation for Feature Selection. Path Planning of an Unmanned Aerial Vehicle Based on a Multi-Strategy Improved Pelican Optimization Algorithm. Performance Comparison of Bio-Inspired Algorithms for Optimizing an ANN-Based MPPT Forecast for PV Systems. Clinical Applications of Micro/Nanobubble Technology in Neurological Diseases.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1