Computer Network Attack Detection based on Joint CNN-LSTM Model with Attention Mechanism

Main Article Content

Miao Jiang
Pei Li

Abstract

This paper addresses the problem that category imbalance in the traffic data set limits the detection performance of classification models for a few classes of attack traffic. The proposed method, which we call Jcla-detect, is based on a joint attention mechanism and a 1-D convolutional neural network (1DCNN)-Bi LSTM model. First, the Borderline SMOTE technique is used to pre-process the imbalanced training samples of traffic data during the data preparation step. This balances the various forms of traffic data and makes it possible for the subsequent model to correctly train the various types of data. After training a 1DCNN-BiLSTM model and a joint attention mechanism using the traffic data, the model extracts and classifies the local and long-range sequence characteristics. Then, by assigning a weight to the features that are helpful for categorization based on their significance, the attention mechanism raises the detection rate of the few assault types. The experimental results show that this method is effective in increasing the minority class attack traffic detection rate, as the method’s detection accuracy can reach 93.17 for the URL dataset and it improves the detection rate of U2R attack traffic in the URL dataset by at least 13.70%. 

Article Details

Section
Special Issue - Adaptive AI-ML Technique for 6G/ Emerging Wireless Networks