As Internet technology is developed and applied, the problems of large amounts of real-time traffic data and many unknown attacks are becoming increasingly serious, and intrusion detection systems have increased in efficiency and effectiveness. In this paper, a real-time traffic intrusion detection method based on an Inception-LSTM deep neural network combining CNN and LSTM is proposed to improve label-based intrusion detection performance. Network traffic records are converted into 2D grayscale images, and network traffic features are extracted using image processing techniques with high generalization ability. Experimental validation is performed on the publicly available CIC-IDS-2017 dataset, and the results show that the proposed Inception-LSTM neural network improves the detection accuracy and F1-score by 0.5% and 0.7%, respectively; a comparison between the detection performed on real-time captured traffic data and the network security devices shows that the method is effective and feasible.
In response to the difficulty of detecting and evaluating zero-day attacks in the field of network security, this paper proposes a novel network security situation assessment technology based on deep learning. This research introduces a two-phase assessment model to achieve the detection and assessment of unknown attacks. The first phase focuses on reconstruction-based network situation anomaly detection, which is used to detect and assess anomalous traffic, including unknown attacks. In the second phase, a network attack identification system is developed to identify various types of known attacks. The overall security situation value is quantified by applying a weighted average to the results obtained from both phases. The method was validated on the public benchmark dataset UNSW-NB15, and the experimental results showed that the proposed technique is able to evaluate unknown zero-day attacks, and that its evaluation of known attacks is better than the baseline and existing models. By leveraging this technology, network security managers can gain a comprehensive understanding of the current threat landscape faced by the network. This empowers them to actively defend the network security system, mitigate the risk of unknown network attacks to system resources, and ensure the overall security of the network system.
SQL injection attacks are pernicious forms of cyber assaults, and the integration of the TF-IDF algorithm into the domain of SQL injection detection has emerged as a prevailing trend. To address the shortcomings of traditional TF-IDF algorithms, which neglect feature distribution and insufficiently extract features, this paper proposes a detection method for SQL injection attacks based on the TF-IDF-CHI algorithm. This algorithm not only remedies the inadequacies of the TF-IDF algorithm in terms of feature distribution but also enhances feature extraction by incorporating category factors and an improved CHI statistical approach. Experimental findings substantiate an approximate 5% increase in precision compared to the traditional TF-IDF algorithm, thus underscoring the superior performance and efficacy of the proposed algorithm in detecting SQL injection attacks.
Traditional particle swarm optimization has attracted attention in various fields because of its relatively simple form and flexible parameter setting, but on large-scale multivariate data it also suffers from slow convergence and a tendency to fall into local optima. To solve this kind of problem, a chaotic multi-group optimization algorithm (CM-PSO) based on the Graphics Processing Unit (GPU) is proposed. In the algorithm initialization stage, chaotic mapping is introduced to enhance population diversity. The population is then divided into multiple small subgroups according to the idea of the island model, and the Feng's topology is adopted within each subgroup to improve the search efficiency and reduce the computational complexity. Finally, CUDA streams are used to realize grid-level parallelism, further increasing the degree of algorithm parallelism and improving performance while ensuring the accuracy of the algorithm.