Journal of Information Security Reserach ›› 2024, Vol. 10 ›› Issue (3): 202-.

Previous Articles     Next Articles

A Network Intrusion Detection Model Integrating CNN-BiGRU and  Attention Mechanism

Yang Xiaowen, Zhang Jian, Kuang Liqun, and Pang Min#br#

#br#
  

  1. (School of Computer Science and Technology, North University of China, Taiyuan 030051)
    (Shanxi Key Laboratory of Machine Vision and Virtual Reality, Taiyuan 030051)
    (Shanxi Province’s Vision Information Processing and Intelligent Robot Engineering Research Center, Taiyuan 030051)

  • Online:2024-03-23 Published:2024-03-08

 融合CNN-BiGRU和注意力机制的网络入侵检测模型

杨晓文张健况立群庞敏


  

  1. (中北大学计算机科学与技术学院太原030051)
    (机器视觉与虚拟现实山西省重点实验室太原030051)
    (山西省视觉信息处理及智能机器人工程研究中心太原030051)

  • 通讯作者: 张健 硕士.主要研究方向为深度学习、网络安全. 1724055732@qq.com
  • 作者简介:杨晓文 博士,副教授.主要研究方向为人工智能、网络安全. wenyang1314@nuc.edu.cn 张健 硕士.主要研究方向为深度学习、网络安全. 1724055732@qq.com 况立群 博士,教授.主要研究方向为人工智能与计算机视觉. kuang@nuc.edu.cn 庞敏 博士,讲师.主要研究方向为计算机视觉、虚拟仿真. 28994896@qq.com

Abstract: To enhance the feature extraction capabilities and classification accuracy of the network intrusion detection model, a network intrusion detection model integrating CNNBiGRU (Convolutional Neural NetworkBidirectional Gated Recurrent Unit) and attention mechanism is proposed. CNN is employed to effectively extract nonlinear features from traffic datasets,while BiGRU extracts timeseries features. The attention mechanism is then integrated to differentiate the importance of different types of traffic data through weighted means, thereby improvingthe overall performance of the model in feature extraction and classification. The experimental results indicate that the overall accuracy rate is 2.25% higher than that of the BiLSTM (Bidirectional Long ShortTerm Memory) model. Kfold crossvalidation results demonstrate that the proposed model's good generalization performance, avoiding the occurrence of overfitting phenomenon, and affirming its effectiveness and rationality.

Key words: network intrusion detection, convolutional neural network, bidirectional gated recurrent unit, attention mechanism, deep learning

摘要: 为提高网络入侵检测模型特征提取能力和分类准确率,提出了一种融合双向门控循环单元(CNNBiGRU)和注意力机制的网络入侵检测模型.使用CNN有效提取流量数据集中的非线性特征;双向门控循环单元(BiGRU)提取数据集中的时序特征,最后融合注意力机制对不同类型流量数据通过加权的方式进行重要程度的区分,从而整体提高该模型特征提取与分类的性能.实验结果表明:其整体精确率比双向长短期记忆网络(BiLSTM)模型提升了2.25%.K折交叉验证结果表明:该模型泛化性能良好,避免了过拟合现象的发生,印证了该模型的有效性与合理性.

关键词: 网络入侵检测, 卷积神经网络, 双向门控循环单元, 注意力机制, 深度学习

CLC Number: