基于深度特征和Seq2Seq模型的网络态势预测方法

doi:10.11772/j.issn.1001-9081.2020010010

计算机应用 ›› 2020, Vol. 40 ›› Issue (8): 2241-2247.DOI: 10.11772/j.issn.1001-9081.2020010010

基于深度特征和Seq2Seq模型的网络态势预测方法

林志兴^1,2, 王立可³

1. 三明学院网络中心, 福建三明 365004;
2. 福建师范大学数学与信息学院, 福州 350007;
3. 中国科学院成都计算机应用研究所, 成都 610041

收稿日期:2020-01-03 修回日期:2020-04-12 发布日期:2020-04-16 出版日期:2020-08-10
通讯作者: 王立可(1993-),男,山东临沂人,硕士研究生,主要研究方向:自然语言处理、深度学习。964560581@qq.com
作者简介:林志兴(1973-),男,福建尤溪人,高级实验师,硕士,主要研究方向:信息化、网络安全。
基金资助:
国家自然科学基金资助项目（61771140）；2018年福建省科技厅自然科学基金资助项目（2018J01560）；2017年福建省中青年教师教育科研项目（JAT170552）；四川省科技计划项目（2018GZDZX0041，2019ZDZX0005，2019ZDZX0006）。

Network situation prediction method based on deep feature and Seq2Seq model

LIN Zhixing^1,2, WANG Like³

1. Network Center, Sanming University, Sanming Fujian 365004, China;
2. College of Mathematics and Informatics, Fujian Normal University, Fuzhou Fujian 350007, China;
3. Chengdu Institute of Computer Application, Chinese Academy of Sciences, Chengdu Sichuan 610041, China

Received:2020-01-03 Revised:2020-04-12 Online:2020-04-16 Published:2020-08-10
Supported by:
This work is partially supported by the National Natural Science Foundation of China (61771140), the Natural Science Foundation of Science and Technology Department of Fujian Province in 2018 (2018J01560), the Education and Scientific Research Project of Young and Middle-Aged Teachers in Fujian Province in 2017 (JAT170552), the Sichuan Science and Technology Program (2018GZDZX0041, 2019ZDZX0005, 2019ZDZX0006).

摘要/Abstract

摘要： 针对目前大多数的网络态势预测方法不能挖掘数据中的深度信息且需要手动提取与构造特征的问题，提出了深度特征网络态势预测方法DFS-Seq2Seq。首先将网络流、日志和系统事件等产生的数据进行清洗处理，使用深度特征融合算法自动合成深度关系特征，然后采用自动编码器对合成的特征进行提取，最后使用长短期记忆网络（LSTM）构建Seq2Seq模型对数据进行预测。通过设计缜密的实验在公开数据集Kent2016上对所提方法进行验证，结果显示在深度为2时与支持向量机（SVM）、贝叶斯、随机森林（RF）和LSTM这四种分类模型相比，其召回率分别提升了7.4%、11.5%、6.5%、3.0%。实验结果表明DFS-Seq2Seq可以在实际应用中有效地识别网络身份验证中的危险事件，对网络态势作出有效的预测。

关键词: 网络态势, 深度特征合成, 自动编码器, Seq2Seq模型, 双向长短期记忆网络

Abstract: In view of the problem that most existing network situation prediction methods are unable to mine the deep information in the data and need to manually extract and construct features, a deep feature network situation prediction method named DFS-Seq2Seq (Deep Feature Synthesis-Sequence to Sequence) was proposed. First, the data produced by network streams, logs and system events were cleaned, and the deep feature synthesis algorithm was used to automatically synthesize the deep relation features. Then the synthesized features were extracted by the AutoEncoder (AE). Finally, the data was estimated by using the Seq2Seq (Sequence to Sequence) model constructed by Long Short-Term Memory (LSTM). Through a well-designed experiment, the proposed method was verified on the public dataset Kent2016. Experimental results show that when the depth is 2, compared with four classification models including Support Vector Machine (SVM), Bayes, Random Forest (RF) and LSTM, the proposed method has the recall rate increased by 7.4%, 11.5%, 6.5% and 3.0%, respectively. It is verified that DFS-Seq2Seq can effectively identify dangerous events in network authentication and effectively predict network situation in practice.

Key words: network situation, deep feature synthesis, AutoEncoder (AE), Seq2Seq (Sequence to Sequence) model, Bi-directional Long Short-Term Memory (Bi-LSTM) network

中图分类号:

TP391

林志兴, 王立可. 基于深度特征和Seq2Seq模型的网络态势预测方法[J]. 计算机应用, 2020, 40(8): 2241-2247.

LIN Zhixing, WANG Like. Network situation prediction method based on deep feature and Seq2Seq model[J]. Journal of Computer Applications, 2020, 40(8): 2241-2247.

参考文献

[1] 陈雷,司志刚,鹤荣育,等. 基于改进自适应灰色模型的网络安全态势预测[J]. 计算机科学, 2014, 41(11A):259-262. (CHEN L, SI Z G, HE R Y, et al. Network security situation prediction based on improved adaptive grey model[J]. Computer Science, 2014, 41(11A):259-262.)
[2] 张勇东,陈思洋,彭雨荷,等. 基于深度学习的网络入侵检测研究综述[J]. 广州大学学报(自然科学版), 2019, 18(3):17-26. (ZHANG Y D, CHEN S Y, PENG Y H, et al. A survey of deep learning based network intrusion detection[J]. Journal of Guangzhou University (Natural Science Edition), 2019, 18(3):17-26.)
[3] FAROOQI A H, KHAN F A. Intrusion detection systems for wireless sensor networks:a survey[C]//Proceedings of the 2009 International Conference on Future Generation Communication and Networking, CCIS 56. Berlin:Springer, 2009:234-241.
[4] KUMAR G R, LANJEWAR U A. Intrusion detection and prevention system:classification and quick review[J]. International Journal of Computer Science and Information Security, 2012, 10(5):78-83.
[5] FUCHSBERGER A. Intrusion detection systems and intrusion prevention systems[J]. Information Security Technical Report, 2005, 10(3):134-139.
[6] ROUGHAN M, SEN S, SPATSCHECK O, et al. Class-of-service mapping for QoS:a statistical signature-based approach to IP traffic classification[C]//Proceedings of the 4th ACM SIGCOMM conference on Internet measurement. New York:ACM, 2004:135-148.
[7] YIN C, ZHU Y, FEI J, et al. A deep learning approach for intrusion detection using recurrent neural networks[J]. IEEE Access, 2017, 5:21954-21961.
[8] ZHANG L, WHITE G B. An approach to detect executable content for anomaly based network intrusion detection[C]//Proceedings of the 2007 IEEE Conference on International Parallel and Distributed Processing Symposium. Piscataway:IEEE, 2007:1-8.
[9] YUAN X, LI C, LI X. DeepDefense:identifying DDoS attack via deep learning[C]//Proceedings of the 2017 Conference on Smart Computing. Piscataway:IEEE, 2017:1-8.
[10] SUTSKEVER I, VINYALS O, LE Q V. Sequence to sequence learning with neural networks[C]//Proceedings of the 27th International Conference on Neural Information Processing Systems. Cambridge:MIT Press, 2014:3104-3112.
[11] NALLAPATI R, ZHOU B, DOS SANTOS C, et al. Abstractive text summarization using sequence-to-sequence RNNs and beyond[EB/OL].[2019-09-26]. https://arxiv.org/pdf/1602.06023.pdf.
[12] ZHOU H, HUANG M, ZHANG T, et al. Emotional chatting machine:emotional conversation generation with internal and external memory[EB/OL].[2019-04-04]. https://arxiv.org/pdf/1704.01074.pdf.
[13] WANG Z, HE W, WU H, et al. Chinese poetry generation with planning based neural network[EB/OL].[2019-10-31].https://arxiv.org/pdf/1610.09889.pdf.
[14] 陶涛,周喜,马博,等. 基于双向LSTM的Seq2Seq模型在加油站时序数据异常检测中的应用[J]. 计算机应用, 2019, 39(3):924-929. (TAO T, ZHOU X, MA B, et al. Abnormal time series data detection of gas station by Seq2Seq model based on bidirectional long short-term memory[J]. Journal of Computer Applications, 2019, 39(3):924-929.)
[15] LAMPLE G, CHARTON F. Deep learning for symbolic mathematics[EB/OL].[2019-12-02].https://arxiv.org/pdf/1912.01412.pdf
[16] KANTER J M, VEERAMACHANENI K. Deep feature synthesis:Towards automating data science endeavors[C]//Proceedings of the 2015 IEEE International Conference on Data Science and Advanced Analytics. Piscataway:IEEE, 2015:1-10.
[17] 袁非牛,章琳,史劲亭. 自编码神经网络理论及应用综述[J]. 计算机学报, 2019, 42(1):203-230. (YUAN F N, ZHANG L,SHI J T. Theories and applications of auto-encoder neural networks:a literature survey[J]. Chinese Journal of Computers, 2019, 42(1):203-230.)
[18] RAO K, PENG F, SAK H, et al. Grapheme-to-phoneme conversion using long short-term memory recurrent neural networks[C]//Proceedings of the 2015 IEEE International Conference on Acoustics, Speech and Signal Processing. Piscataway:IEEE, 2015:4225-4229.
[19] JI H, LONG J, FU Y, et al. Flow pattern identification based on EMD and LS-SVM for gas-liquid two-phase flow in a minichannel[J]. IEEE Transactions on Instrumentation and Measurement, 2011, 60(5):1917-1924.
[20] 丁君美,刘贵全,李慧. 改进随机森林算法在电信业客户流失预测中的应用[J]. 模式识别与人工智能, 2015, 28(11):1041-1049. (DING J M, LIU G Q, LI H. The application of improved random forest in the telecom customer churn prediction[J]. Pattern Recognition and Artificial Intelligence, 2015, 28(11):1041-1049.)
[21] HOERL A E, KENNARD R W. Ridge regression:biased estimation for nonorthogonal problems[J]. Technometrics, 1970, 12(1):55-67.

基于深度特征和Seq2Seq模型的网络态势预测方法

Network situation prediction method based on deep feature and Seq2Seq model

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

[1]	汪雨晴, 朱广丽, 段文杰, 李书羽, 周若彤. 基于交互注意力机制的心理咨询文本情感分类模型[J]. 《计算机应用》唯一官方网站, 2024, 44(8): 2393-2399.
[2]	吕锡婷, 赵敬华, 荣海迎, 赵嘉乐. 基于Transformer和关系图卷积网络的信息传播预测模型[J]. 《计算机应用》唯一官方网站, 2024, 44(6): 1760-1766.
[3]	罗歆然, 李天瑞, 贾真. 基于自注意力机制与词汇增强的中文医学命名实体识别[J]. 《计算机应用》唯一官方网站, 2024, 44(2): 385-392.
[4]	张奕, 王真梅. 图自动编码器上二阶段融合实现的环状RNA-疾病关联预测[J]. 《计算机应用》唯一官方网站, 2023, 43(6): 1979-1986.
[5]	张安勤, 王小慧. 基于时序异常检测的动力电池安全预警[J]. 《计算机应用》唯一官方网站, 2023, 43(12): 3799-3805.
[6]	尹春勇, 张杨春. 基于CNN和Bi-LSTM的无监督日志异常检测模型[J]. 《计算机应用》唯一官方网站, 2023, 43(11): 3510-3516.
[7]	胡婕, 胡燕, 刘梦赤, 张龑. 基于知识库实体增强BERT模型的中文命名实体识别[J]. 《计算机应用》唯一官方网站, 2022, 42(9): 2680-2685.
[8]	侯旭东, 滕飞, 张艺. 基于深度自编码的医疗命名实体识别模型[J]. 《计算机应用》唯一官方网站, 2022, 42(9): 2686-2692.
[9]	刘月峰, 张小燕, 郭威, 边浩东, 何滢婕. 基于优化混合模型的航空发动机剩余寿命预测方法[J]. 《计算机应用》唯一官方网站, 2022, 42(9): 2960-2968.
[10]	罗浩然, 杨青. 基于情感词典和堆叠残差的双向长短期记忆网络的情感分析[J]. 《计算机应用》唯一官方网站, 2022, 42(4): 1099-1107.
[11]	张毅, 王爽胜, 何彬, 叶培明, 李克强. 基于BERT的初等数学文本命名实体识别方法[J]. 《计算机应用》唯一官方网站, 2022, 42(2): 433-439.
[12]	曾兰兰, 王以松, 陈攀峰. 基于BERT和联合学习的裁判文书命名实体识别[J]. 《计算机应用》唯一官方网站, 2022, 42(10): 3011-3017.
[13]	杨悦, 王士同. 基于随机特征映射的四层多核学习方法[J]. 《计算机应用》唯一官方网站, 2022, 42(1): 16-25.
[14]	王小鹏, 孙媛媛, 林鸿飞. 基于刑事Electra的编-解码关系抽取模型[J]. 《计算机应用》唯一官方网站, 2022, 42(1): 87-93.
[15]	武国亮, 徐继宁. 基于命名实体识别任务反馈增强的中文突发事件抽取方法[J]. 计算机应用, 2021, 41(7): 1891-1896.