Network abnormal traffic detection method based on fusion of chord similarity and multiple loss encoder

Abstract

AbstractFog computing, as a new distributed computing framework, extends the tasks originally done in the cloud data center to the edge of the network and brings more serious security challenges while providing convenience. Abnormal network traffic detection is an effective means to defense malicious behavior, can detect a variety of known attacks. Although the application of deep learning method in the field of network abnormal traffic detection is easier than traditional machine learning methods, there are still problems of poor recognition accuracy and false alarm rate. In this paper, we use the semi-supervised network anomaly detection model (NADLA) that combines the long-short-term memory neural network method and the self-encoder method to solve this problem. NADLA analyzes network traffic through the time characteristics and behavior characteristics of traffic, and optimizes the accuracy and false alarm rate of network traffic classification. In addition, we improved the preprocessing method to improve the sensitivity of the trained model to network abnormal traffic. The NADLA model is tested on NSL-KDD dataset, and the results show that the proposed model can improve the accuracy and F1-value of network anomaly traffic detection.