Analysis Of Network Abnormal Behavior Based Artifical Intelligence

With the development of network technology and the Internet,Web servers in the network can be seen everywhere.People can browse and purchase various Web sites to make purchases or pay for living expenses,which brings great convenience to life,but the ensuing cybersecurity issues are endless.Attacks on web servers are one of the most serious threats in the security realm.Web servers have features such as remote access and a large number of security vulnerabilities that hackers can use to compromise Web servers,collect confidential information from databases,and even interrupt or completely hack Web servers.Since Web logs record the behavior of users accessing the network,analyzing Web logs is one of the most effective ways to identify abnormal behavior of users.The traditional Web log-based anomaly behavior detection technology has problems in that the rule base is difficult to manage,and the statistical model is difficult to fully extract important feature information in user behavior,resulting in high false positive rate and false negative rate,poor generalization ability,slow detection speed,etc.Therefore,further analysis of Web logs is of great significance and practical value for the study of abnormal behavior detection techniques.Based on this background,we propose to apply artificial intelligence to the analysis of network anomaly behavior.The main tasks are as follows:Research point 1 proposes a data feature modeling method based on Web log.According to the implicit statistical features of the HTTP request field of Web log,a single HTTP request feature and attack category statistical features are constructed.Experimental verification shows that the statistical features of the construction of this research point have better ability to identify abnormal behaviors.Research point 2 proposes an improved XGBoost anomaly behavior detection algorithm,constructing a two-layer XGBoost classification model,first determining the candidate attack categories for each HTTP request through a multi-classifier,and then determining the final attack category through the second classifier.In the third point of research,a neural network anomaly behavior detection algorithm based on character level is proposed.By constructing the character level Char2Vec feature vector expression method,the convolutional neural network and the cyclic neural network anomaly detection model are realized.Experiments on real data sets show that compared with other traditional machine learning algorithms,the detection algorithms proposed in Research Point 2 and Research Point 3 perform better in both detection rate and false positive rate.