Network situation prediction method based on deep feature and Seq2Seq model

Journal of Computer Applications, 2020, Vol. 40, Issue (8): 2241-2247. DOI: 10.11772/j.issn.1001-9081.2020010010

LIN Zhixing^1,2, WANG Like^3

1. Network Center, Sanming University, Sanming, Fujian 365004, China;
2. College of Mathematics and Informatics, Fujian Normal University, Fuzhou, Fujian 350007, China;
3. Chengdu Institute of Computer Application, Chinese Academy of Sciences, Chengdu, Sichuan 610041, China

Received: 2020-01-03  Revised: 2020-04-12  Online: 2020-08-10  Published: 2020-04-16
Corresponding author: WANG Like (born 1993), male, from Linyi, Shandong, master's student. Research interests: natural language processing, deep learning. E-mail: 964560581@qq.com
About the author: LIN Zhixing (born 1973), male, from Youxi, Fujian, senior experimentalist, M.S. Research interests: informatization, network security.
Supported by:
This work is partially supported by the National Natural Science Foundation of China (61771140), the Natural Science Foundation of the Science and Technology Department of Fujian Province in 2018 (2018J01560), the Education and Scientific Research Project for Young and Middle-Aged Teachers in Fujian Province in 2017 (JAT170552), and the Sichuan Science and Technology Program (2018GZDZX0041, 2019ZDZX0005, 2019ZDZX0006).

Abstract

Most existing network situation prediction methods cannot mine the deep information in the data and depend on manually extracted and constructed features. To address this problem, a deep feature network situation prediction method named DFS-Seq2Seq (Deep Feature Synthesis-Sequence to Sequence) is proposed. First, the data produced by network flows, logs and system events are cleaned, and a deep feature synthesis algorithm is used to automatically synthesize deep relational features. Then an AutoEncoder (AE) extracts features from the synthesized ones. Finally, a Seq2Seq (Sequence to Sequence) model built with Long Short-Term Memory (LSTM) networks makes the prediction. The proposed method was verified experimentally on the public dataset Kent2016. The results show that, when the depth is 2, the recall of the proposed method is higher than that of four classification models, namely Support Vector Machine (SVM), Bayes, Random Forest (RF) and LSTM, by 7.4%, 11.5%, 6.5% and 3.0%, respectively. These results indicate that DFS-Seq2Seq can effectively identify dangerous events in network authentication and predict the network situation in practical applications.

Key words: network situation, deep feature synthesis, AutoEncoder (AE), Seq2Seq (Sequence to Sequence) model, Bi-directional Long Short-Term Memory (Bi-LSTM) network
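
The abstract reports results "when the depth is 2" without showing what a depth-2 feature looks like. The sketch below is only an illustration, assuming that depth refers to the number of stacked aggregation steps, as in deep feature synthesis. It is not the authors' implementation and does not use the Kent2016 schema: the `user`, `session` and `failed` fields, the toy records and both function names are hypothetical.

```python
from collections import defaultdict
from statistics import mean

# Toy authentication log. The schema (user, session, failed) is hypothetical
# and is NOT the Kent2016 format; it only illustrates stacked aggregation.
EVENTS = [
    {"user": "u1", "session": "s1", "failed": 0},
    {"user": "u1", "session": "s1", "failed": 1},
    {"user": "u1", "session": "s2", "failed": 0},
    {"user": "u2", "session": "s3", "failed": 1},
    {"user": "u2", "session": "s3", "failed": 1},
    {"user": "u2", "session": "s3", "failed": 1},
    {"user": "u2", "session": "s4", "failed": 0},
]


def session_features(events):
    """Depth 1: aggregate raw events up to their parent session."""
    grouped = defaultdict(list)
    for event in events:
        grouped[(event["user"], event["session"])].append(event["failed"])
    return {
        key: {"count_events": len(flags), "mean_failed": mean(flags)}
        for key, flags in grouped.items()
    }


def user_features(sess_feats):
    """Depth 2: aggregate the depth-1 session features up to each user."""
    grouped = defaultdict(list)
    for (user, _session), feats in sess_feats.items():
        grouped[user].append(feats)
    return {
        user: {
            # MEAN over sessions of COUNT(events): two stacked aggregations.
            "mean_count_events": mean([f["count_events"] for f in feats]),
            # MAX over sessions of MEAN(events.failed).
            "max_mean_failed": max(f["mean_failed"] for f in feats),
        }
        for user, feats in grouped.items()
    }


depth1 = session_features(EVENTS)
depth2 = user_features(depth1)
print(depth2)
```

In this toy data, user `u2` has one session in which every event failed, so its `max_mean_failed` feature reaches 1. Features of this kind would then be passed on to the autoencoder and Seq2Seq stages described in the abstract, which this sketch does not cover.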

CLC number: TP391

LIN Zhixing, WANG Like. Network situation prediction method based on deep feature and Seq2Seq model[J]. Journal of Computer Applications, 2020, 40(8): 2241-2247.

