计算机科学
恒虚警率
异常检测
字节
特征(语言学)
人工智能
数据挖掘
特征选择
机器学习
语言学
操作系统
哲学
作者
Kunda Lin,Xiaolong Xu,Fu Xiao
标识
DOI:10.1016/j.comnet.2021.108658
摘要
Network malicious traffic detection is one of the essential tasks of computer networks, which has become an obstacle to network development as networks are expanding in size and complexity. Current works generally investigate a variety of features, while most of them suffer from high characteristic design cost, difficult feature selection, and poor real-time performance, etc. More seriously, data imbalance makes models hard to train, resulting in the low detection rate of abnormal samples. In this paper, we propose a multi-level feature fusion model (MFFusion) that combines data timing, byte, and statistical features to extract valid information from multiple perspectives, to obtain a more efficient and robust model. To deal with the problem of data imbalance, we propose the adaptive balance training method (ABT) and design a new loss function called Attention Loss. Experiments show that ABT can stabilize the training process, reduce the training time, and improve the model performance; Attention Loss adjusts the weights of samples adaptively, which improves the detection rate of abnormal samples. MFFusion has achieved the excellent performance of detection rate and false alarm rate on a series of real network datasets, outperforming other state of art works. We also apply MFFusion to IoT network anomaly detection with the latest IoT malicious traffic dataset IoT23. Experiments show that MFFusion is versatile, and it is suitable for network anomaly detection in the IoT environment, whose performance has reached the application level.
科研通智能强力驱动
Strongly Powered by AbleSci AI