Affiliation:
1. Communication and Network Laboratory, Dalian University, Dalian 116622, China
Abstract
To address the low accuracy of network attack prediction and the long response time of attack detection, bidirectional long short-term memory (BiLSTM) was used to predict network attacks. However, BiLSTM parameters are difficult to set, and the resulting prediction model has low accuracy. This paper first proposes the Improved Grey Wolf algorithm (IGWO) to optimize BiLSTM (IGWO-BiLSTM). First, IGWO uses the Dimension Learning Hunting (DLH) strategy to construct the wolf neighborhood. Within the established wolf neighborhood, the BiLSTM parameters are iteratively optimized to obtain a prediction model with fast convergence speed and small reconstruction error. Second, the dataset is preprocessed, and the IP packet statistical signature (IPDCF) is defined according to the characteristics of denial of service (DoS) and distributed denial of service (DDoS) attacks. IPDCF is used to establish the time series model, and network traffic time series data are input into IGWO-BiLSTM to obtain the prediction results. Finally, DoS and DDoS network packets are input into the trained prediction model to obtain the prediction results for attack data. By comparing the IGWO-BiLSTM predicted values for normal network packets and attack packets, a reasonable threshold is set to provide the basis for subsequent attack prediction. Experiments show that IGWO-BiLSTM reaches a fitting degree of 99.05% and accurately distinguishes network attacks from normal increases in network demand.
Funder
Equipment Development Department of the Central Military Commission
Dalian University
Subject
Fluid Flow and Transfer Processes, Computer Science Applications, Process Chemistry and Technology, General Engineering, Instrumentation, General Materials Science
Cited by
2 articles.