融合WaveNet和BiGRU的网络入侵检测方法

为解决当前入侵检测算法对于网络入侵的多分类准确率普遍不高的问题, 鉴于网络入侵数据具有时间序列特性, 提出一种融合WaveNet和双向门控循环单元(bi-directional gated recurrent unit, BiGRU)的网络入侵检测方法。为解决原始攻击数据分布广、离散性强的问题, 首先对数据进行独热编码及归一化处理, 之后使用WaveNet进行卷积操作, 对数据进行序列缩短处理, 同时使用最大、平均池化融合的方法全面提取数据特征, 最后由BiGRU完成对模型的训练并实现分类。基于NSL-KDD、UNSW-NB15以及CIC-IDS2017数据集进行了对比实验, 结果表明, 所提方法对于上述数据集的准确率分别能够达到99.62%、83.98%以及99.86%, 较同类型的CNN-BiLSTM分别提升了0.4%、1.9%以及0.1%。

Network intrusion detection method based on WaveNet and BiGRU

In order to solve the problem that the accuracy of current intrusion detection algorithms for network intrusion multi classification is generally not high, in view of the time series characteristics of network intrusion data, a network intrusion detection method combining WaveNet and bi-directional gated recurrent unit (BiGRU) is proposed. In order to solve the problem of wide distribution and strong discreteness of the original attack data, the data is encoded and normalized firstly. Then the WaveNet is used for convolution operation to shorten the sequence of the data, and the data features are extracted by the maximum and average pooling parallel method. Finally, BiGRU completes the training of the model and realizes the classification. Based on NSL-KDD, UNSW-NB15 and CIC-IDS2017 data set, a comparative experiment is carried out. The results show that the accuracy of the proposed method for the above data sets can reach 99.62%, 83.98% and 99.86% respectively, which is 0.4%, 1.9% and 0.1% higher than that of CNN-BiLSTM of the same type.