Research On Malicious Traffic Detection Method Of Campus Network Based On Meta-learning

With the continuous development of global information technology,campus network and various management systems deployed on it have become an indispensable part of the work and study of teachers and students in universities.However,along with the rapid development of the network,the security of the network is also becoming more and more prominent.Especially in the "post-epidemic + double reduction era",the demand for education information construction is rapidly increasing,and the campus network and education applications on the cloud are also changing from "bounded" to "borderless".This makes it easier for attackers to access the campus network,and the attack techniques are becoming more and more specialized and large-scale.In the face of hacker attacks,campus networks have become the target of mining virus and ransomware attacks,which has put forward higher requirements for the construction of campus network security systems.Only by establishing a safe and effective campus network security system can we ensure the smooth teaching work of universities.In the past,the security protection of campus network was mainly based on firewall technology,which can stop external attacks on campus network.But it is difficult to detect internal attacks on the network,and the detection of new variants of network viruses is not effective.Intrusion detection technology can effectively solve the dilemma of poor detection of traditional firewalls,and it has become inevitable to protect campus network security.Its application makes network security shift from passive defense to active detection and protection in the past,and is an effective supplement and extension to firewall technology.In response to the shortage of existing campus network intrusion detection schemes that cannot effectively detect small-sample malicious traffic,this study proposes a small-sample network intrusion detection method based on a meta-learning approach.The method learns a priori knowledge of network traffic classification directly from the original traffic and constructs a deep neural network FC-Net for feature extraction,feature refinement and feature comparison of data streams to achieve malicious traffic detection on the premise of campus network with few samples.To evaluate this method,two small-sample network intrusion detection datasets CICIDS2017 FS and ISCX2012 FS based on real network traffic data sources are constructed on the open-source datasets CICIDS2017 and ISCX2012 FS to perform the training corresponding to the less-sample intrusion detection.The experiments on the datasets show that FC-Net is operationally feasible for training and testing on different datasets,is not limited to specific datasets or virus attack types,and the method is general.Compared with other intrusion detection methods,this method greatly improves the update speed and inference speed of detection,with an average accuracy of 99.62% and a false positive detection rate of 98.88%,which is more effective in the scenario of less-sample malicious traffic detection and can effectively prevent less-sample attacks against campus networks,such as zero-day attacks.