Design And Implementation Of Network Traffic Anomaly Detection System Based On Generative Adversarial Network

Although Internet technology has brought great convenience to people,the problem of network security has become more and more serious.The dramatic increase in the type and volume of network traffic has generated a variety of security issues,such as the ability of unscrupulous elements to attack by modifying network traffic data.In terms of protecting network security,traffic anomaly detection,as one of the key technologies,is of great significance to maintain the security and stability of the network.How to distinguish abnormal data by traffic data has been a hot topic in the direction of network security research.To address the above mentioned problems,after analyzing the current situation of network traffic anomaly detection at home and abroad,we study the network traffic collection,identification and other related technologies,as well as the application of generative adversarial networks to traffic anomaly detection.Based on the above research,the Bidirectional Generative Adversarial Networks(BIGAN)is improved,and the anomaly traffic detection model based on generative adversarial networks is constructed,and the model is trained and memorized by learning samples from different traffic datasets to detect anomalous The model is trained and memorized by learning samples from different traffic datasets to detect anomalous traffic.The Generative Adversarial Networks(GAN)-based anomaly detection model makes full use of generators and discriminators in the GAN network architecture to capture potential interactions between variables and uses encoders to obtain potential representations in the data,and uses a new anomaly score to judge anomalies,choosing a convex combination of reconstruction loss and a convex combination of the discriminant loss as the score function.In addition,a flow anomaly detection system is designed and implemented,in which the configuration management module is mainly for the configuration and management of the probes and user information of the collected data;the data acquisition module collects data for Net Flow format data and realizes the collection and storage of data to provide data basis for the subsequent analysis and detection modules;the data analysis module classifies and statistically processes traffic flows,and uses Deep Packet Inspection(DPI)technology to analyze traffic data;the anomaly detection module classifies abnormal and normal traffic data through a modified Bi-directional Generative Adversarial Network(BIGAN).Through experiments and tests using public data sets,the effectiveness of the improved two-way generative adversarial network is verified in the anomaly detection of network traffic data,and the system achieves the functions related to data collection,analysis,and visualization to meet the basic requirements of the system.