CN113098910A - Network intrusion detection method and system based on space-time granularity and three-width learning - Google Patents
Network intrusion detection method and system based on space-time granularity and three-width learning Download PDFInfo
- Publication number
- CN113098910A CN113098910A CN202110521018.6A CN202110521018A CN113098910A CN 113098910 A CN113098910 A CN 113098910A CN 202110521018 A CN202110521018 A CN 202110521018A CN 113098910 A CN113098910 A CN 113098910A
- Authority
- CN
- China
- Prior art keywords
- granularity
- width learning
- data
- space
- time granularity
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N20/00—Machine learning
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/14—Network analysis or design
- H04L41/142—Network analysis or design using statistical or mathematical methods
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mathematical Physics (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- Mathematical Analysis (AREA)
- Probability & Statistics with Applications (AREA)
- Pure & Applied Mathematics (AREA)
- Artificial Intelligence (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Data Mining & Analysis (AREA)
- Evolutionary Computation (AREA)
- Medical Informatics (AREA)
- Mathematical Optimization (AREA)
- Algebra (AREA)
- Image Analysis (AREA)
Abstract
The invention relates to a network intrusion detection method and a system based on space-time granularity and three-width learning. The method comprises the following steps: step S1, collecting flow data from the network data flow, and constructing three characteristic data sets of time granularity, space granularity and data content after space-time granularity division; step S2, inputting the obtained three granularity characteristics into a three-width learning system; step S3, extracting high-dimensional features of each granularity by using a basic unit width learning model, wherein the high-dimensional features mainly comprise mapping features of feature nodes and enhanced nodes; step S4, connecting the three granularity characteristics in parallel to serve as the final extracted total characteristic; step S5, solving a global optimal solution by using a ridge regression generalized inverse algorithm to obtain a weight matrix, and storing the weight matrix; and step S6, inputting the data to be detected into the trained three-width learning model to obtain a classification result. The invention combines the incidence relation between the time-space multidimensional data and detects the network data flow through the granularity fusion of the three-width learning, thereby improving the detection precision.
Description
Technical Field
The invention relates to the field of intrusion detection and machine learning, in particular to a network intrusion detection method and a network intrusion detection system based on space-time granularity and three-width learning.
Background
The influence of the internet is continuously increasing and network services are widely used. The user size and economic benefits of online entertainment, online travel and online education have increased dramatically compared to the past. Meanwhile, countless network devices and application programs and explosive network data make the network environment become more and more complex, and great hidden danger is brought to network security. Network criminals are increasingly sophisticated in preempting the benefits of internet openness and are pushing attacks at an alarming rate. Therefore, network security has become an important issue that must be solved in the information-based construction of all departments. Network traffic data contains a large amount of time, space, load and statistics. Data analysis from different granularities may provide different contributions to anomaly detection and analysis results. For anomalous attacks of different protocols or services, anomalies may only be reflected in data related to several protocols or services, while other data is normal. Putting all data together for analysis can affect the judgment of the model on abnormal phenomena. Therefore, it is necessary to extract data features from different temporal and spatial granularities.
Disclosure of Invention
The invention aims to provide a network intrusion detection method based on space-time granularity and three-width learning, which combines the incidence relation among space-time multidimensional data and detects network data streams through granularity fusion, thereby improving the precision of a plurality of detection indexes.
In order to achieve the purpose, the technical scheme of the invention is as follows: a network intrusion detection method based on space-time granularity and three-width learning comprises the following steps:
step S1, collecting flow data from the network data flow, dividing according to the space-time granularity, and constructing three characteristic data sets of time granularity, space granularity and data content;
step S2, improving the BLS to be expanded to a three-width learning structure, and inputting three granularity characteristics;
step S3, extracting high-dimensional features of each granularity respectively by using a width learning basic unit, wherein the high-dimensional features comprise feature node mapping features and enhanced node mapping features;
step S4, connecting the three granularity characteristics in parallel to be used as the final extracted total characteristics;
step S5, solving a global optimal solution by using a ridge regression generalized inverse algorithm to obtain a weight matrix, and storing the weight matrix;
and step S6, inputting the data to be detected into the trained three-width learning model to obtain a classification result.
In an embodiment of the present invention, in step S2, the three-width learning structure is a three-width learning model with BLS as a basic unit, and the three-width learning structure is composed of three BLS units and is used for handling fusion problems with different granularities.
In an embodiment of the present invention, the step S3 specifically includes: assuming that Z and H represent the feature node and the enhancement node, respectively, and subscripts T, S and D represent the temporal granularity, the spatial granularity, and the data content, respectively, the feature expression for the temporal granularity is AT=[ZT|HT]The characteristic expression of the spatial granularity is AS=[ZS|HS]The characteristic expression of the data content is AD=[ZD|HD]。
In an embodiment of the present invention, the step S4 specifically includes: assuming that the number of input samples of the three-width learning model is N, the number of feature nodes is N, the number of enhancement nodes is m, mapping the three granularity features to the same sample space, and extracting the total feature of FN×3(n+m)=[AT N×(n+m)|AS N×(n+m)|AD N×(n+m)]。
In an embodiment of the present invention, the feature nodes and the enhanced nodes representing the time granularity may be represented as:andrepresentsThe feature nodes and enhancement nodes of spatial granularity may be represented as:andthe feature nodes and enhancement nodes representing data content may be represented as:andwherein z isi=δ(X·Wei+βei),hj=ξ(Zn·Whj+βhj),ziRepresents the ith characteristic node, hjRepresenting the jth enhancement node, X being given input data, WeiRandom initialization using He initialization method, and WhjAfter He initialization, orthogonal normalization is carried out, betaeiAnd betahjRandom initialization, δ and ξ represent the activation functions.
In an embodiment of the present invention, the step S5 specifically includes: the weight matrix W can be expressed as: w3(n+m)=[FN ×3(n+m)]+Y, to avoid overfitting, W can be calculated by a ridge regression formula, such that the matrix is nonsingular, the formula being as follows:
W3(n+m)=[(FN×3(n+m))TFN×3(n+m)+CI]-1(FN×3(n+m))TY
where Y is the sample label matrix, C is a normal number, and I is an identity matrix, FN×3(n+m)Is the total feature extracted in step S4.
The invention also provides a network intrusion detection system based on space-time granularity and three-width learning, which comprises a flow data acquisition module, a space-time granularity division module and a three-width learning module;
the flow data acquisition module is used for acquiring flow data from a network data stream;
the space-time granularity division module is used for dividing the acquired flow data according to the space-time granularity and constructing three characteristic data sets of the time granularity, the space granularity and the data content;
the three-width learning module obtains the trained three-width learning model by constructing a three-width learning model based on three BLS as basic units and training three characteristic data sets, and further realizes the classification detection of data to be detected.
Compared with the prior art, the invention has the following beneficial effects: the invention combines the incidence relation between the time-space multidimensional data, detects the network data flow through granularity fusion, and remarkably improves the detection precision compared with a typical width learning algorithm.
Drawings
FIG. 1 is a schematic flow chart of a method according to an embodiment of the present invention.
FIG. 2 is a schematic diagram of spatiotemporal granularity data partitioning according to an embodiment of the present invention.
Fig. 3 is a three-width learning configuration diagram of an embodiment of the present invention.
Fig. 4 is a three-width dimensional model of an embodiment of the invention.
FIG. 5 is a three-width learning two-class detection performance analysis (UNSW-NB15 dataset) of an embodiment of the present invention.
FIG. 6 is a three-width learning two-class detection performance analysis (CIC-IDS2017 dataset) of an embodiment of the present invention.
FIG. 7 is a three-width learning multi-class detection performance analysis (UNSW-NB15 dataset) of an embodiment of the present invention.
FIG. 8 is a three-width learning multi-class detection performance analysis (CIC-IDS2017 dataset) of an embodiment of the present invention.
Detailed Description
The technical scheme of the invention is specifically explained below with reference to the accompanying drawings.
The invention provides a network intrusion detection method based on space-time granularity and three-width learning, which comprises the steps of preprocessing public UNSW-NB15 and CIC-IDS2017 data sets; then, dividing the data into three characteristic data sets, namely time granularity, space granularity and data content; retraining a three-wide learning system (TBLS) to correctly combine the relationship between the spatio-temporal granularities; and finally, carrying out anomaly detection on the real-time flow by adopting a trained three-width anomaly flow detection model. As shown in fig. 1, the method specifically comprises the following steps:
step (1): collecting network flow and preprocessing the network flow;
converting attribute values of the protocol feature, the service feature and the status feature into numerical values for the UNSW-NB15 dataset; for CIC-IDS2017 data set, the data set of the day of Wednesday is selected, and redundant and abnormal feature items are removed, such as: fwd Header Length, Flow Packets/s, and Flow Packets/s.
Step (2): and (3) dividing space-time granularity data:
as shown in fig. 2, for the corresponding meaning of each feature item in the data set, the features belonging to the space-time granularity are extracted, the features belonging to the space granularity are extracted, and the rest are used as the data content;
and (3): learning in three widths;
as shown in fig. 3 and 4, a width learning system (BLS) is modified and expanded to three-width learning, and three granularity features are input; respectively extracting high-dimensional features of each granularity by using a width learning unit, wherein the high-dimensional features mainly comprise feature node mapping features and enhanced node mapping features; connecting three granularity characteristics in parallel to serve as the total characteristics extracted finally; and solving a global optimal solution by using a ridge regression generalized inverse algorithm to obtain a weight matrix, and storing the weight matrix.
Preferably, in this embodiment, the three-width learning structure specifically includes: the three-width learning structure is a three-width learning model taking BLS as a basic unit, mainly comprises three BLS units and is used for processing fusion problems with different granularities.
Preferably, in this embodiment, the feature extraction of each granularity is specifically: assuming that Z and H represent the feature node and the enhancement node, respectively, and subscripts T, S and D represent temporal granularity, spatial granularity, and data content, the feature expression for temporal granularity is AT=[ZT|HT]The characteristic expression of the spatial granularity is AS=[ZS|HS]The characteristic expression of the data content is AD=[ZD|HD]。
Preferably, in this embodiment, the final characteristics are specifically: assuming that the number of input samples of the three-width model is N, the number of feature nodes is N, the number of enhancement nodes is m, mapping the three granularity features to the same sample space, and extracting the total feature as FN×3(n+m)=[AT N×(n+m)|AS N×(n+m)|AD N×(n+m)]。
Preferably, in this embodiment, the feature node and the enhanced node representing the time granularity may be respectively represented as:andsimilarly, the spatial granularity and data content may be expressed as:and andwherein z isi=δ(X·Wei+βei),hj=ξ(Zn·Whj+βhj),ziRepresents the ith characteristic node, hjRepresenting the jth enhancement node, X being given input data, WeiRandom initialization using He initialization method, and WhjAfter He initialization, orthogonal normalization is carried out, betaeiAnd betahjRandom initialization, δ and ξ represent the activation functions.
Preferably, in this embodiment, the weight matrix W is: w3(n+m)=[FN×3(n+m)]+Y, to avoid overfitting, W can be calculated by a ridge regression formula, making the matrix non-singular, the formula being: w3(n+m)=[(FN×3(n+m))TFN×3(n+m)+CI]-1(FN×3(n+m))TY, where Y is the sample label matrix, C is a normal number, and I is an identity matrix.
And (4): testing flow data;
and performing the same data preprocessing and granularity division on the flow data to be tested, ensuring the characteristic dimension same as that of the training data set, and then transmitting the characteristic dimension into the trained three-width model for detection.
Preferably, in the simulation experiment process of the embodiment, the training set and the test set provided by the UNSW-NB15 data set are adopted; for CIC-IDS2017(Wed.) data set, 20% of training set and 80% of test set were used. All experiments were performed using an Intel Xeon CPU with 2.60GHz and 16GB RAM, Python 3.7 running on a Ubuntu LTS 16.04-64 bit operating system. In addition, to ensure the reliability of the experimental data, the average value and the standard deviation of 20 runs are taken as the final experimental result. Fig. 5 and 6 are detection results of the two classifications, and it can be found that in the two data sets, each evaluation index of the three-width learning is optimal and different, and compared with the typical width learning, the standard deviation is smaller, and the value representing the three-width learning is closer to the average value, i.e. the data is more accurate. Fig. 7 and 8 show the multi-classification detection results, and all the evaluation indexes are optimal, which illustrates that the multi-classification accuracy can be improved well by the three-width learning model.
The above description is only a preferred embodiment of the present invention, and all equivalent changes and modifications made in accordance with the claims of the present invention should be covered by the present invention.
Claims (7)
1. A network intrusion detection method based on space-time granularity and three-width learning is characterized by comprising the following steps:
step S1, collecting flow data from the network data flow, dividing according to the space-time granularity, and constructing three characteristic data sets of time granularity, space granularity and data content;
step S2, improving the BLS to be expanded to a three-width learning structure, and inputting three granularity characteristics;
step S3, extracting high-dimensional features of each granularity respectively by using a width learning basic unit, wherein the high-dimensional features comprise feature node mapping features and enhanced node mapping features;
step S4, connecting the three granularity characteristics in parallel to be used as the final extracted total characteristics;
step S5, solving a global optimal solution by using a ridge regression generalized inverse algorithm to obtain a weight matrix, and storing the weight matrix;
and step S6, inputting the data to be detected into the trained three-width learning model to obtain a classification result.
2. The method of claim 1, wherein in step S2, the three-width learning structure is a three-width learning model with BLS as basic unit, and the three-width learning structure is composed of three BLS units and is used for handling fusion problems with different granularities.
3. The method for detecting network intrusion based on spatio-temporal granularity and three-width learning according to claim 1, wherein the step S3 specifically comprises: let Z and H denote the feature node and the enhancement node, respectively, and subscripts T, S and D denote temporal granularity, space, respectivelyGranularity and data content, the characteristic expression of the time granularity is AT=[ZT|HT]The characteristic expression of the spatial granularity is AS=[ZS|HS]The characteristic expression of the data content is AD=[ZD|HD]。
4. The method for detecting network intrusion based on spatio-temporal granularity and three-width learning according to claim 3, wherein the step S4 specifically comprises: assuming that the number of input samples of the three-width learning model is N, the number of feature nodes is N, the number of enhancement nodes is m, mapping the three granularity features to the same sample space, and extracting the total feature of FN×3(n+m)=[AT N×(n+m)|AS N×(n+m)|AD N×(n+m)]。
5. The method of claim 4, wherein the feature nodes and the enhanced nodes representing the time granularity are respectively expressed as:andthe feature nodes and enhancement nodes representing spatial granularity may be represented as:andthe feature nodes and enhancement nodes representing data content may be represented as:andwherein z isi=δ(X·Wei+βei),hj=ξ(Zn·Whj+βhj),ziRepresents the ith characteristic node, hjRepresenting the jth enhancement node, X being given input data, WeiRandom initialization using He initialization method, and WhjAfter He initialization, orthogonal normalization is carried out, betaeiAnd betahjRandom initialization, δ and ξ represent the activation functions.
6. The method for detecting network intrusion based on spatio-temporal granularity and three-width learning according to claim 1, wherein the step S5 specifically comprises: the weight matrix W can be expressed as: w3(n+m)=[FN×3(n+m)]+Y, to avoid overfitting, W can be calculated by a ridge regression formula, such that the matrix is nonsingular, the formula being as follows:
W3(n+m)=[(FN×3(n+m))TFN×3(n+m)+CI]-1(FN×3(n+m))TY
where Y is the sample label matrix, C is a normal number, and I is an identity matrix, FN×3(n+m)Is the total feature extracted in step S4.
7. A network intrusion detection system based on space-time granularity and three-width learning is characterized by comprising a flow data acquisition module, a space-time granularity division module and a three-width learning module;
the flow data acquisition module is used for acquiring flow data from a network data stream;
the space-time granularity division module is used for dividing the acquired flow data according to the space-time granularity and constructing three characteristic data sets of the time granularity, the space granularity and the data content;
the three-width learning module obtains the trained three-width learning model by constructing a three-width learning model based on three BLS as basic units and training three characteristic data sets, and further realizes the classification detection of data to be detected.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110521018.6A CN113098910B (en) | 2021-05-13 | 2021-05-13 | Network intrusion detection method and system based on space-time granularity and three-width learning |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110521018.6A CN113098910B (en) | 2021-05-13 | 2021-05-13 | Network intrusion detection method and system based on space-time granularity and three-width learning |
Publications (2)
Publication Number | Publication Date |
---|---|
CN113098910A true CN113098910A (en) | 2021-07-09 |
CN113098910B CN113098910B (en) | 2022-05-10 |
Family
ID=76665392
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110521018.6A Active CN113098910B (en) | 2021-05-13 | 2021-05-13 | Network intrusion detection method and system based on space-time granularity and three-width learning |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113098910B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115249133A (en) * | 2022-09-22 | 2022-10-28 | 华南理工大学 | Building construction process risk classification method based on width learning network |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109035762A (en) * | 2018-06-28 | 2018-12-18 | 浙江大学 | A kind of traffic speed prediction technique based on the study of space-time width |
CN110213244A (en) * | 2019-05-15 | 2019-09-06 | 杭州电子科技大学 | A kind of network inbreak detection method based on space-time characteristic fusion |
CN110458077A (en) * | 2019-08-05 | 2019-11-15 | 高新兴科技集团股份有限公司 | A kind of vehicle color identification method and system |
CN111401443A (en) * | 2020-03-16 | 2020-07-10 | 重庆大学 | Width learning system based on multi-feature extraction |
CN111598236A (en) * | 2020-05-20 | 2020-08-28 | 中国矿业大学 | Width learning system network model compression method |
CN111641598A (en) * | 2020-05-11 | 2020-09-08 | 华南理工大学 | Intrusion detection method based on width learning |
CN111696345A (en) * | 2020-05-08 | 2020-09-22 | 东南大学 | Intelligent coupled large-scale data flow width learning rapid prediction algorithm based on network community detection and GCN |
CN111709523A (en) * | 2020-06-19 | 2020-09-25 | 中国矿业大学 | Width learning method based on internal integration |
CN112766360A (en) * | 2021-01-15 | 2021-05-07 | 浙江工业大学 | Time sequence classification method and system based on time sequence bidimensionalization and width learning |
-
2021
- 2021-05-13 CN CN202110521018.6A patent/CN113098910B/en active Active
Patent Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109035762A (en) * | 2018-06-28 | 2018-12-18 | 浙江大学 | A kind of traffic speed prediction technique based on the study of space-time width |
CN110213244A (en) * | 2019-05-15 | 2019-09-06 | 杭州电子科技大学 | A kind of network inbreak detection method based on space-time characteristic fusion |
CN110458077A (en) * | 2019-08-05 | 2019-11-15 | 高新兴科技集团股份有限公司 | A kind of vehicle color identification method and system |
CN111401443A (en) * | 2020-03-16 | 2020-07-10 | 重庆大学 | Width learning system based on multi-feature extraction |
CN111696345A (en) * | 2020-05-08 | 2020-09-22 | 东南大学 | Intelligent coupled large-scale data flow width learning rapid prediction algorithm based on network community detection and GCN |
CN111641598A (en) * | 2020-05-11 | 2020-09-08 | 华南理工大学 | Intrusion detection method based on width learning |
CN111598236A (en) * | 2020-05-20 | 2020-08-28 | 中国矿业大学 | Width learning system network model compression method |
CN111709523A (en) * | 2020-06-19 | 2020-09-25 | 中国矿业大学 | Width learning method based on internal integration |
CN112766360A (en) * | 2021-01-15 | 2021-05-07 | 浙江工业大学 | Time sequence classification method and system based on time sequence bidimensionalization and width learning |
Non-Patent Citations (2)
Title |
---|
HAO ZHANG.ET: ""A New Network Intrusion Detection based on Semisupervised Dimensionality Reduction and TriLightGBM"", 《2020 INTERNATIONAL CONFERENCE ON PERVASIVE ARTIFICIAL INTELLIGENCE》 * |
ZHANG HAO.ET: ""Multi-dimensional feature fusion and stacking ensemble mechanism"", 《FUTURE GENERATION COMPUTER SYSTEMS》 * |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115249133A (en) * | 2022-09-22 | 2022-10-28 | 华南理工大学 | Building construction process risk classification method based on width learning network |
Also Published As
Publication number | Publication date |
---|---|
CN113098910B (en) | 2022-05-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111199343B (en) | Multi-model fusion tobacco market supervision abnormal data mining method | |
CN108737406B (en) | Method and system for detecting abnormal flow data | |
Özgür et al. | A review of KDD99 dataset usage in intrusion detection and machine learning between 2010 and 2015 | |
CN110287983B (en) | Single-classifier anomaly detection method based on maximum correlation entropy deep neural network | |
Jian et al. | Support vector machine for recognition of cucumber leaf diseases | |
CN104601565B (en) | A kind of network invasion monitoring sorting technique of intelligent optimization rule | |
CN111629006B (en) | Malicious flow updating method fusing deep neural network and hierarchical attention mechanism | |
CN103632168A (en) | Classifier integration method for machine learning | |
CN110134787A (en) | A kind of news topic detection method | |
CN110868414B (en) | Industrial control network intrusion detection method and system based on multi-voting technology | |
CN111669385B (en) | Malicious traffic monitoring system fusing deep neural network and hierarchical attention mechanism | |
CN111523588B (en) | Method for classifying APT attack malicious software traffic based on improved LSTM | |
Sivamohan et al. | An effective recurrent neural network (RNN) based intrusion detection via bi-directional long short-term memory | |
Monshizadeh et al. | Improving data generalization with variational autoencoders for network traffic anomaly detection | |
CN115811440B (en) | Real-time flow detection method based on network situation awareness | |
CN113098910B (en) | Network intrusion detection method and system based on space-time granularity and three-width learning | |
Manimaran et al. | A comprehensive novel model for network speech anomaly detection system using deep learning approach | |
CN109104728A (en) | A kind of ELM classification intrusion detection method based on improvement LDA dimensionality reduction | |
CN115277888B (en) | Method and system for analyzing message type of mobile application encryption protocol | |
CN111461184A (en) | XGB multi-dimensional operation and maintenance data anomaly detection method based on multivariate feature matrix | |
Acharya et al. | Efficacy of CNN-bidirectional LSTM hybrid model for network-based anomaly detection | |
CN113705715B (en) | Time sequence classification method based on LSTM and multi-scale FCN | |
CN115392351A (en) | Risk user identification method and device, electronic equipment and storage medium | |
Ali et al. | Air Quality prediction using Multinomial Logistic Regression | |
CN115964478A (en) | Network attack detection method, model training method and device, equipment and medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |