Research And System Implementation Of Network Abnormal Traffic Detection Based On Deep Learning

The computer Internet’s swift advancement has resulted in a growing number of devices being linked to the network,thus resulting in an ever-growing and intricate amount of network traffic.In the event of a network attack,it is especially critical to quickly and accurately detect abnormal attack traffic.The needs of current networks have been hard to satisfy by traditional anomalous traffic detection techniques,which rely on data mining and mathematical statistics,with their low detection rates and high false alarm rates.Machine learning-based methods have made some progress in detection accuracy,yet they often necessitate considerable expenses for manual feature extraction.Since deep learning methods can automatically extract features from massive amounts of data,deep learning-based abnormal traffic detection methods have been widely developed.In this thesis,we study deep learning-based anomalous traffic detection methods with the following contributions:(1)A spatio-temporal fusion network anomaly traffic detection model based on CNN and GRU networks is proposed.The model is able to extract spatial features of traffic packets using CNN networks and temporal features of traffic packets using GRU networks,while combining both spatio-temporal features to enhance the representation of traffic data.Experimental results on the CICIDS-2017 dataset show that compared with traditional machine learning methods and single deep learning methods,the spatio-temporal fusion-based network anomaly traffic detection method performs optimally in all evaluation metrics,including the recognition accuracy of 99.89%,which is about 3.21% better than the best-performing RF model among machine learning models,0.48% better than CNN alone,and 0.48%,and 0.53% over GRU alone.(2)An improved network anomalous traffic detection model based on attention mechanism and autoencoder is proposed.To further improve the detection performance of the model,the spatio-temporal fusion anomalous traffic detection model proposed in this thesis is optimized by introducing the attention mechanism and auto-encoder in the network.The attention mechanism is responsible for enhancing the model’s focus on essential data,while the auto-encoder further investigates the potential information in the data by compressing features in various dimensions.The experimental results show that the improved network anomaly traffic detection model using a combination of the attention mechanism and autoencoder has better performance than the previously proposed CNN-GRU model,the CNN-GRU model optimized with a single attention mechanism or autoencoder,and the traditional machine learning model,with an accuracy of 99.93%.(3)A deep learning based network anomaly traffic detection system is designed and implemented.This thesis combines the deep learning model,Python language and Py Qt5 framework to complete the development of the network anomaly traffic detection system,and verifies the usability of the network anomaly traffic detection system through experiments.In summary,this thesis’ s research findings can significantly enhance the precision and dependability of network anomaly traffic detection,which has a significant practical use in safeguarding network security.