基于MHA-BiLSTM的网络流量异常检测方法
Anomaly Detection Method of Network Traffic Based on MHA-BiLSTM
叶文冰 1詹仕华2
作者信息
- 1. 福建农林大学 机电工程学院,福建 福州 350108
- 2. 福建农林大学 计算机与信息学院,福建 福州 350028
- 折叠
摘要
针对传统的网络流量异常检测方法存在识别准确率低、忽略特征之间的相互关系等问题,提出一种基于多头注意力机制(MHA)和融合Highway连接的双向长短时记忆网络(BiLSTM)的网络流量异常检测方法.通过使用多头注意力机制学习数据之间的特征关系,实现对不同维度特征关系的提取,接下来采用多层BiLSTM进行长距离依赖特征提取,并利用Highway连接来缓解深层网络训练中的梯度消失问题.通过NSL-KDD数据集,验证了该方法的准确度和有效性.
Abstract
A network traffic anomaly detection method based on MHA and BiLSTM connected with fused Highway is proposed to address the issues of low identification accuracy and neglect of inter-feature relationships in traditional network traffic anomaly detection methods.Through utilizing the MHA mechanism to learn feature relationships among data,the feature relationships of different dimensions are extracted.Subsequently,multiple layers of BiLSTM are employed for capturing long-term dependency features,while the Highway connections are utilized to alleviate the issue of gradient vanishing in deep network training.The accuracy and effectiveness of the proposed method are validated through the NSL-KDD dataset.
关键词
异常流量/多头自注意力机制/双向长短时记忆网络/Highway连接/深度学习Key words
abnormal traffic/multi-head self-attention mechanism/BiLSTM/Highway connection/Deep Learning引用本文复制引用
基金项目
福建省高等学校教育技术研究会基金项目(H2000134A)
福建农林大学横向科技创新基金项目(KHF190015)
出版年
2024
国家科技期刊平台
NSTL
万方数据