The most commonly used machine learning based systems in network security are shallow models based on carefully designed input features.The main limitation of this method is that handcrafted features can not be performed well in different scenarios and attack types,while deep learning model can learn the feature representation from the original,unprocessed data to solve this problem.Based on this,the ability of the deep learning model to detect abnormal network traffic is explored,using the raw measurements from the monitoring byte stream as input to the proposed model,and evaluating the feature representa-tion of the different raw traffic(packets and data streams level).A model based on deep learning is proposed,which can cap-ture basic statistics of abnormal traffic without requiring any type of handcrafted features.Experiments are conducted on public traffic tracking that included different types of abnormal traffic,and the results prove that the model has high accuracy in detec-ting abnormal traffic and is superior to traditional shallow models.
关键词
深度学习/网络安全/原始数据包/异常流量
Key words
deep learning/network security/raw packet/abnormal traffic
维普
万方数据