Research On SP-CBAT Network Intrusion Detection Model Based On Deep Learning

With the rapid development of the Internet,as the network scale and data continue to grow,more types of network attacks have also emerged.Intrusion detection is an active defense technology that protects computer network security.It monitors the computer network in real time,collects traffic data from the network,identifies the data,identifies whether there is a threat to the computer network,and promptly makes alarm interception and corresponding processing.In recent years,deep learning has shown impressive performance in fields such as predictive recognition,recommendation systems,and intelligent driving.Applying it to the field of network intrusion detection can make up for the shortcomings of low detection accuracy and poor real-time performance of traditional machine learning algorithms.In response to the phenomenon of imbalanced traffic samples,low detection efficiency,and poor detection accuracy in network intrusion detection,this article conducts relevant research on network intrusion detection based on deep learning technology.The main research work of this article is as follows:Convolutional neural network can effectively extract the characteristics of network traffic.Convolutional neural network is used for preliminary feature extraction of data,and residual convolution unit is designed after the convolution layer for further feature extraction.The bidirectional Long short-term memory network is used to extract the features of traffic data in the time series in the positive and reverse directions.Add an Attention mechanism to the model to reduce data dimensionality,and enable the model to fully learn main features by weighting important information,thereby improving model performance.Based on the above technologies,a basic framework of an intrusion detection model was constructed,and a network intrusion detection model(CBAT)based on residual convolution and attention mechanism was designed and implemented.The model was simulated on the NSL-KDD dataset,and its accuracy on the dataset reached 91.63%,with an F1 score of 90.42%.The final experiment showed that the proposed model had better performance compared to other algorithms.In response to the problem of imbalanced datasets and excessive redundant features,a network intrusion detection model based on data balance(SP-CBAT)was proposed to further optimize the dataset.The SMOTE-Tomek algorithm was used for mixed sampling to improve the model’s detection ability for small class samples in the dataset.Then,principal component analysis was used for feature extraction on the dataset to extract important features and improve the model’s detection performance.Through comparative analysis through simulation experiments,the proposed SP-CBAT model has an accuracy improvement of 1.13% and an accuracy improvement of 1.61% compared to the CBAT model.The model training time has been shortened by 49.68%,and the detection rates for U2 R and R2 L samples in the dataset have been improved by 20.27% and 14.20%,respectively.The experimental results show that the proposed SP-CBAT model can improve the overall performance of the CBAT model and enhance its detection ability for small samples.