Computer Engineering and Applications ›› 2020, Vol. 56 ›› Issue (22): 109-116. DOI: 10.3778/j.issn.1002-8331.2003-0353

• Network, Communication and Security •

Network Unknown Attack Detection with Deep Learning

DI Chong, LI Tong   

  1. School of Cyber Science and Engineering, Shanghai Jiao Tong University, Shanghai 200240, China
  2. Electric Power Research Institute of State Grid Liaoning Electric Power Co., Ltd., Shenyang 110000, China
  • Online: 2020-11-15 Published: 2020-11-13

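Abstract (Chinese version):

To enable an intrusion detection system to detect unknown attack types, a deep learning-based network anomaly detection method is proposed. A confidence neural network is used to adaptively discriminate between traffic of known types and unknown attack traffic. Based on a deep neural network, a confidence estimation method is formulated to evaluate the model's classification results; the model is trained to output high confidence values for traffic of known types and low confidence values when it identifies unknown attack traffic, thereby detecting unknown attack network traffic. An adaptive loss balance strategy and a learning automata-based dynamic regularization strategy are designed to optimize the anomaly detection model. Simulation experiments are carried out on the network anomaly detection datasets UNSW-NB15 and CICIDS 2017 to evaluate the model. The results show that the method effectively detects unknown attack traffic and improves the classification of known traffic types, thereby enhancing the overall performance of the intrusion detection system.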

Abstract:

A deep learning-based method for network anomaly detection is proposed to discriminate unknown attacks for an intrusion detection system. A confidence-based neural network is adopted to adaptively distinguish the traffic information of given behaviors and that of unknown attacks. The proposed model is trained to assign a higher confidence value to a piece of traffic information from a known behavior and a lower confidence value to that from an unknown attack. Moreover, an adaptive loss balance strategy and a learning automata-based dynamic regularization strategy are designed to improve the performance of the model. The proposed model is evaluated in benchmark datasets UNSW-NB15 and CICIDS 2017. Compared with traditional models, the simulation results indicate that the proposed model can detect the unknown attack effectively while preserving an advantageous classification effect for traffic from known attacks.

Key words: cyber security, intrusion detection, deep learning