Network Intrusion Detection Method Based on CNN-BiLSTM-Attention Model

Bibliographic Details
Main Authors: Wei Dai, Xinhui Li, Wenxin Ji, Sicheng He
Format: Article
Language: English
Published: IEEE 2024-01-01
Series: IEEE Access
Online Access: https://ieeexplore.ieee.org/document/10489943/
Description
Summary: To address the issue of low detection accuracy and high false positive rate in existing network intrusion detection methods, this paper proposes an intrusion detection model based on CNN-BiLSTM-Attention. Firstly, CNN is used to extract the spatial features from the intrusion data; secondly, BiLSTM is used to mine the temporal features from the intrusion data further; thirdly, the attention mechanism is used to assign different weights to the extracted spatiotemporal features and then enhance the role of important features in the calculation process, which can improve the classification accuracy of the model. In addition, for the problem of class imbalance existing in network intrusion data, Equalization Loss v2 is introduced as the loss function of the CNN-BiLSTM-Attention model, making the model pay more attention to minority class data during the training process, thereby improving the detection rate of the model for the minority class data. Finally, comparative experiments are conducted on NSL-KDD, UNSW-NB15, and CIC-DDoS2019 datasets. The experimental results show that the CNN-BiLSTM-Attention model outperforms the other models in terms of accuracy, detection rate, and false positive rate.
ISSN: 2169-3536