Proceedings of the
The Nineteenth International Conference on Computational Intelligence and Security (CIS 2023)
December 1 – 4, 2023, Haikou, China
Network Traffic Anomaly Detection Based on CNN-LSTM Hybrid Neural Network
1School of Computer Science, Southwest Petroleum University, China.
2School of Electronic Information and Artificial Intelligence, China /EADDRESS/3Intelligent Network Security Detection and Evaluation Laboratory, China /EADDRESS/
ABSTRACT
Traditional network traffic anomaly detection mainly adopts feature matching and rule matching techniques, which are more effective in detecting a single attack type, but difficult to effectively recognize complex anomalous data patterns. In order to solve the above difficulties in network traffic anomaly detection, a network traffic anomaly detection method based on CNN-LSTM hybrid neural network by drawing on the advantages of convolutional neural network (CNN) and long short-term memory network (LSTM) is proposed in this paper. The anomaly detection process based on CNN-LSTM hybrid neural network is constructed. In order to facilitate effective preprocessing of network traffic data, a numerical method and a normalization method for network connection features are constructed. The CNN-LSTM hybrid deep learning network structure for network traffic anomaly detection is constructed, and the LSTM layer is added on top of the CNN for optimizing the analysis of anomaly data, while the network structure information is defined. Simulation experiments verify the effectiveness of the CNN-LSTM hybrid neural network in network traffic anomaly detection, and the comparison of the experimental results shows that the performance of the CNN-LSTM hybrid neural network proposed in this paper is effectively improved in network traffic anomaly detection compared with the classical discriminative neural network and shallow machine learning algorithms.
Keywords: Network flow, Anomaly detection, Deep learning, CNN, LSTM.
Download PDF
1School of Computer Science, Southwest Petroleum University, China.
2School of Electronic Information and Artificial Intelligence, China /EADDRESS/3Intelligent Network Security Detection and Evaluation Laboratory, China /EADDRESS/
ABSTRACT
Traditional network traffic anomaly detection mainly adopts feature matching and rule matching techniques, which are more effective in detecting a single attack type, but difficult to effectively recognize complex anomalous data patterns. In order to solve the above difficulties in network traffic anomaly detection, a network traffic anomaly detection method based on CNN-LSTM hybrid neural network by drawing on the advantages of convolutional neural network (CNN) and long short-term memory network (LSTM) is proposed in this paper. The anomaly detection process based on CNN-LSTM hybrid neural network is constructed. In order to facilitate effective preprocessing of network traffic data, a numerical method and a normalization method for network connection features are constructed. The CNN-LSTM hybrid deep learning network structure for network traffic anomaly detection is constructed, and the LSTM layer is added on top of the CNN for optimizing the analysis of anomaly data, while the network structure information is defined. Simulation experiments verify the effectiveness of the CNN-LSTM hybrid neural network in network traffic anomaly detection, and the comparison of the experimental results shows that the performance of the CNN-LSTM hybrid neural network proposed in this paper is effectively improved in network traffic anomaly detection compared with the classical discriminative neural network and shallow machine learning algorithms.
Keywords: Network flow, Anomaly detection, Deep learning, CNN, LSTM.
Download PDF