CN115021987A - Internet of things intrusion detection method based on ARN - Google Patents


Info

Publication number
CN115021987A
Authority
CN
China
Prior art keywords
arn
intrusion detection
hidden state
internet
past
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210572955.9A
Other languages
Chinese (zh)
Other versions
CN115021987B (en)
Inventor
杨昌松
柳悦玲
刘梓毅
丁勇
刘洋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guilin University of Electronic Technology
Original Assignee
Guilin University of Electronic Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guilin University of Electronic Technology
Priority to CN202210572955.9A
Publication of CN115021987A
Application granted
Publication of CN115021987B
Legal status: Active
Anticipated expiration

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • G06N3/08Learning methods
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic

Abstract

The invention relates to the technical field of network security, in particular to an Internet of things intrusion detection method based on ARN, which uses self-attention to learn the relationship between past hidden state information and current time input information, thereby constructing an information complement matrix to supplement the current time input information, realizing the reset of the current time hidden state, removing the redundant part which can be represented by the current time information in the past hidden state and highlighting the part which is associated with the past hidden state in the current time information; and meanwhile, the ARN is used for performing characterization learning on the characteristics of the data traffic of the Internet of things, and the trained ARN model is used for detecting and analyzing the network data traffic, so that the safety state of the Internet of things is detected, and the technical problem of low detection accuracy of the traditional network safety intrusion detection method is solved.

Description

Internet of things intrusion detection method based on ARN
Technical Field
The invention relates to the technical field of network security, in particular to an Internet of things intrusion detection method based on an ARN.
Background
Intrusion detection has important research value as an important supplementary part of the firewall. Generally, existing intrusion detection methods can be classified into three categories: an intrusion detection method based on statistical analysis, an intrusion detection method based on time series and an intrusion detection method based on machine learning. Although the methods have certain effects on intrusion detection, the following problems still exist when the current large-scale, irregular and high-dimensional data of the internet of things is faced: intrusion detection methods based on statistical analysis require a large amount of mathematical calculations and analyses, resulting in a large amount of calculations. Meanwhile, when high-dimensional and irregular data are faced, the accuracy of intrusion detection is insufficient; the intrusion detection method based on the time sequence only takes time as an analysis factor and does not consider the influence of other external factors, so that the intrusion detection precision is not high; although the intrusion detection method based on machine learning can improve the accuracy of intrusion detection, the time sequence relation between data is not considered, so that the intrusion detection precision has certain limitation.
In addition, although the method based on the gated recurrent neural network (GRU) can fully consider the time sequence relationship of the situation data in intrusion detection, the reset gate and the update gate of the GRU conflict with each other in the degree to which they retain the past hidden state information.
Disclosure of Invention
The invention aims to provide an ARN-based Internet of things intrusion detection method, and aims to solve the problem that a reset gate and an update gate conflict with each other in the retention degree of past hidden state information in the GRU-based intrusion detection method, and solve the technical problem that the traditional network security intrusion detection method is low in detection accuracy.
In order to achieve the purpose, the invention provides an Internet of things intrusion detection method based on an ARN, which comprises the following steps:
initializing intrusion detection data into a training data set and a testing data set;
inputting the training data set into an ARN-based intrusion detection model for modeling to obtain a trained ARN model;
inputting the test data set into a trained ARN model to obtain a detection result;
and comparing the detection result with the real value to obtain a corresponding comparison result.
Wherein the ARN-based intrusion detection model is a variant model of a recurrent neural network, and self-attention is used for learning the relationship between the past hidden state and the input information at the current moment.
The implementation process of the ARN-based intrusion detection model comprises the following steps:
using the weights $W_x$ and
Figure BDA0003659672160000021
of the current input $X_t$ and the past hidden state $h_{t-1}$ to initialize $X_t$ and $h_{t-1}$, so that the current input $X_t$ and the past hidden state $h_{t-1}$ have the same matrix dimensions;
using stack to splice the past hidden state $h_{t-1}$ and the current input $X_t$ together, constructing the self-attention input data;
using self-attention to learn the relationship between the past hidden state $h_{t-1}$ and the current input $X_t$, constructing a complementary matrix $h'_{t-1}$;
supplementing the complementary matrix $h'_{t-1}$ to the current input $X_t$ to reset the hidden state $h_t$ at the current moment.
Wherein the complementary matrix $h'_{t-1}$ contains the part of the current input $X_t$ that is associated with the past hidden state $h_{t-1}$, and the part of the past hidden state $h_{t-1}$ that remains after removing the redundant part that can be characterized by the current input $X_t$.
Wherein the reset current-time hidden state $h_t$ removes the redundant part of the past hidden state that can be represented by the current time information, and highlights the part of the current time information that is associated with the past hidden state.
The invention provides an ARN-based Internet of things intrusion detection method that uses self-attention to learn the relationship between past hidden states and the input information at the current time, thereby constructing an information complement matrix to supplement the current time input information and reset the current time hidden state, removing the redundant part of the past hidden state that can be represented by the current time information and highlighting the part of the current time information that is associated with the past hidden state. Meanwhile, the ARN performs characterization learning on the features of Internet of things data traffic, and the trained ARN model is used to detect and analyze network data traffic, so that the security state of the Internet of things is detected and the technical problem of low detection accuracy of the traditional network security intrusion detection method is solved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic flow chart of an intrusion detection method of the internet of things based on the ARN.
Fig. 2 is a schematic structural diagram of an ARN neural network in the present invention.
FIG. 3 is a graph comparing the accuracy of various methods in an embodiment of the present invention.
FIG. 4 is a graph comparing the results of Precision, Recall, and F1_score experiments for various methods in accordance with embodiments of the present invention.
FIG. 5 is a graph comparing FRR experimental results of methods in accordance with an embodiment of the present invention.
FIG. 6 is a comparison of test detection efficiency for methods in accordance with embodiments of the present invention.
FIG. 7 is a graph comparing the overhead per data detection time for methods in accordance with embodiments of the invention.
Detailed Description
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are illustrative and intended to be illustrative of the invention and are not to be construed as limiting the invention.
Referring to fig. 1, the present invention provides an intrusion detection method for an internet of things based on an ARN, including the following steps:
S1: initializing intrusion detection data into a training data set and a testing data set;
S2: inputting the training data set into an ARN-based intrusion detection model for modeling to obtain a trained ARN model;
S3: inputting the test data set into a trained ARN model to obtain a detection result;
S4: comparing the detection result with the real value to obtain a corresponding comparison result.
Specifically, the structure of the ARN is shown in FIG. 2, where $h_{t-1}$ represents the past hidden state, $X_t$ represents the input at the current time, $h_t$ represents the hidden state at the current time, and $h'_{t-1}$ represents the supplementary information matrix after self-attention learning.
The implementation process of the ARN-based intrusion detection model comprises the following steps:
First, $W_x$ and
Figure BDA0003659672160000031
are used to initialize $X_t$ and $h_{t-1}$, so that $X_t$ and $h_{t-1}$ have the same matrix dimensions, which is convenient for the subsequent correlation calculations. The formulas are as follows:
$$X_t = W_x X_t$$
Figure BDA0003659672160000041
Secondly, stack is used to splice $h_{t-1}$ and $X_t$ together, constructing the self-attention input data. The formula is as follows:
$$h_{stack} = \mathrm{stack}(h_{t-1}, X_t)$$
Then, self-attention is used to learn the relationship between $h_{t-1}$ and $X_t$ to construct a new complementary matrix $h'_{t-1}$. The matrix $h'_{t-1}$ contains the part of $X_t$ that is associated with $h_{t-1}$, and the part of $h_{t-1}$ that remains after removing the redundant part that can be characterized by $X_t$. After self-attention learning, only the matrix corresponding to $h_{t-1}$ needs to be constructed. The formula is as follows:
$$h'_{t-1} = \text{self-attention}(h_{stack})$$
Finally, $h'_{t-1}$ is supplemented to $X_t$ to reset $h_t$. The reset $h_t$ removes the redundant part of the past hidden state that can be represented by the current time information, and highlights the part of the current time information that is associated with the past hidden state. The formula can be described as follows:
$$h_t = h'_{t-1} + X_t$$
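The four steps above as a runnable sketch, added here as an example and not code from the patent. Assumptions: the weight applied to the past hidden state (shown only as an image on the page) is named `W_h`, self-attention is the standard scaled dot-product form with hypothetical weights `W_q`, `W_k`, `W_v`, all weights are random and untrained, and the flow vectors are constructed.

```python
import math
import random


def matvec(W, v):
    """Multiply matrix W (a list of rows) by vector v."""
    return [sum(w * x for w, x in zip(row, v)) for row in W]


def softmax(scores):
    m = max(scores)
    exps = [math.exp(s - m) for s in scores]
    total = sum(exps)
    return [e / total for e in exps]


def self_attention(rows, W_q, W_k, W_v):
    """Scaled dot-product self-attention over the stacked rows.

    Assumption: the page names only "self-attention"; the Q/K/V projections
    and the 1/sqrt(d) scaling are the standard form, chosen for this sketch.
    """
    Q = [matvec(W_q, r) for r in rows]
    K = [matvec(W_k, r) for r in rows]
    V = [matvec(W_v, r) for r in rows]
    scale = math.sqrt(len(rows[0]))
    outputs, weights = [], []
    for q in Q:
        a = softmax([sum(qi * ki for qi, ki in zip(q, k)) / scale for k in K])
        weights.append(a)
        outputs.append([sum(a[j] * V[j][i] for j in range(len(V)))
                        for i in range(len(V[0]))])
    return outputs, weights


class ARNCell:
    """One ARN recurrence step, following the four steps in the description."""

    def __init__(self, input_dim, hidden_dim, seed=0):
        rng = random.Random(seed)  # fixed seed: untrained but reproducible

        def init(rows, cols):
            return [[rng.uniform(-0.5, 0.5) for _ in range(cols)]
                    for _ in range(rows)]

        self.hidden_dim = hidden_dim
        self.W_x = init(hidden_dim, input_dim)
        self.W_h = init(hidden_dim, hidden_dim)  # assumed name for the h weight
        self.W_q = init(hidden_dim, hidden_dim)  # assumed attention weights
        self.W_k = init(hidden_dim, hidden_dim)
        self.W_v = init(hidden_dim, hidden_dim)

    def step(self, x_t, h_prev):
        x_proj = matvec(self.W_x, x_t)       # X_t = W_x X_t
        h_proj = matvec(self.W_h, h_prev)    # h_{t-1} brought to the same dimension
        h_stack = [h_proj, x_proj]           # h_stack = stack(h_{t-1}, X_t)
        attended, weights = self_attention(h_stack, self.W_q, self.W_k, self.W_v)
        h_comp = attended[0]                 # h'_{t-1}: only the row matching h_{t-1}
        h_t = [c + x for c, x in zip(h_comp, x_proj)]  # h_t = h'_{t-1} + X_t
        return {"h_t": h_t, "h_comp": h_comp, "x_proj": x_proj, "attn": weights[0]}


def encode_flows(cell, flows):
    """Run the cell over a time-ordered window of flow feature vectors."""
    h = [0.0] * cell.hidden_dim
    trace = []
    for x_t in flows:
        out = cell.step(x_t, h)
        h = out["h_t"]
        trace.append(out)
    return h, trace


# Constructed sample: three consecutive flow records with four normalised
# features each (duration, source bytes, destination bytes, packet count).
# These are not real UNSW-NB15 rows.
SAMPLE_FLOWS = [
    [0.10, 0.20, 0.05, 0.30],
    [0.12, 0.22, 0.04, 0.28],
    [0.90, 0.95, 0.01, 0.99],
]

if __name__ == "__main__":
    cell = ARNCell(input_dim=4, hidden_dim=3)
    h_final, trace = encode_flows(cell, SAMPLE_FLOWS)
    for t, out in enumerate(trace, 1):
        print(t, [round(a, 3) for a in out["attn"]], [round(v, 3) for v in out["h_t"]])
```

The `attn` pair shows how the $h'_{t-1}$ row is mixed from the past hidden state and the current input; at the first step the zero hidden state gives an even split.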
The invention is further described below with reference to specific embodiments and implementations:
1. Experimental data
In a particular embodiment, the public intrusion detection data set UNSW-NB15 is used. The UNSW-NB15 dataset contained 240044 pieces of data in total, of which 300000 pieces were anomalous data. Meanwhile, the data set contains 9 different anomaly categories. For the convenience of simulation experiments, 500000 pieces of data in the UNSW-NB15 data set were intercepted as training sets and 50000 pieces of data were intercepted as test sets.
2. Implementation process
The implementation flow (pseudo code algorithm) of the ARN-based intrusion detection method is shown in the following table:
Figure BDA0003659672160000042
In the pseudocode algorithm, X-train represents the training data set, Y-test represents the test data set, S represents the detection result, n represents the training epochs, and R-L represents the real label. The implementation process is as follows:
Algorithm pseudocode line 1: all parameters and data sets are initialized.
Algorithm pseudocode line 3: X-train is input into the ARN-based intrusion detection model for modeling.
Algorithm pseudocode line 5: Y-test is input into the ARN model to obtain the result S.
Algorithm pseudocode line 6: the result S output by the ARN-based intrusion detection method is compared with the true value R-L to obtain the corresponding comparison result.
Further, the present invention compares the experimental results with some existing intrusion detection methods. Specifically, experimental results of the ARN-based intrusion detection method of the present invention were compared with those of the GRU-based intrusion detection method, the AE-LSTM-based intrusion detection method, and the SAE-BP-based intrusion detection method.
Specific evaluation indexes are as follows:
Accuracy, Precision, Recall, F1_score, and FRR are used as experimental evaluation criteria to verify the effectiveness of our proposed ARN-based intrusion detection method. The evaluation criteria are defined as follows.
True Positive (TP): actually positive, and the test result is also positive.
True Negative (TN): actually negative, and the test result is also negative.
False Positive (FP): actually negative, but the test result is positive.
False Negative (FN): actually positive, but the test result is negative.
Accuracy: the percentage of correctly detected samples among the total samples, given by the following formula:
Figure BDA0003659672160000051
Precision: the percentage of samples that tested positive that are also actually positive, formulated as follows:
Figure BDA0003659672160000052
Recall: the proportion of positive cases in the sample that are detected correctly; the formula can be described as follows:
Figure BDA0003659672160000053
F1_score: combines the Precision and Recall results to comprehensively evaluate the intrusion detection result; the formula is as follows:
Figure BDA0003659672160000054
FRR: the proportion of positive cases in the sample that are detected incorrectly, formulated as follows:
Figure BDA0003659672160000055
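Step S4 (comparing the detection result S with the real labels R-L) and the five criteria above, as an added example that is not from the patent. The page's formula images are missing, so Accuracy, Precision, Recall and F1_score use their standard definitions and FRR is read from the sentence above as FN / (TP + FN), which is an assumption; the label sequences are constructed.

```python
def confusion_counts(S, R_L, positive=1):
    """Compare detection result S with real labels R_L; return (TP, TN, FP, FN)."""
    if len(S) != len(R_L):
        raise ValueError("S and R_L must have the same length")
    tp = tn = fp = fn = 0
    for s, r in zip(S, R_L):
        if r == positive and s == positive:
            tp += 1
        elif r == positive:
            fn += 1          # an intrusion the detector missed
        elif s == positive:
            fp += 1          # normal traffic flagged as an intrusion
        else:
            tn += 1
    return tp, tn, fp, fn


def ratio(num, den):
    """Divide, returning 0.0 when the denominator is empty
    (for example Precision when the detector never predicts positive)."""
    return num / den if den else 0.0


def evaluate(S, R_L):
    tp, tn, fp, fn = confusion_counts(S, R_L)
    precision = ratio(tp, tp + fp)
    recall = ratio(tp, tp + fn)
    return {
        "Accuracy": ratio(tp + tn, tp + tn + fp + fn),
        "Precision": precision,
        "Recall": recall,
        "F1_score": ratio(2 * precision * recall, precision + recall),
        # Assumed reading of the page's verbal definition of FRR.
        "FRR": ratio(fn, tp + fn),
    }


# Constructed labels: 1 = intrusion (positive), 0 = normal.
R_L = [0, 0, 0, 1, 0, 0, 0, 0, 1, 0]
# A detector that never raises an alert: high Accuracy, but every intrusion is missed.
S_ALL_NORMAL = [0] * 10
# A detector that finds both intrusions and raises one false alert.
S_DETECTOR = [0, 0, 1, 1, 0, 0, 0, 0, 1, 0]

if __name__ == "__main__":
    for name, S in (("all-normal", S_ALL_NORMAL), ("detector", S_DETECTOR)):
        print(name, {k: round(v, 3) for k, v in evaluate(S, R_L).items()})
```

On imbalanced traffic the all-normal detector still reaches 0.8 Accuracy, which is why Recall, F1_score and FRR are reported alongside it.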
First, effectiveness is analyzed. FIG. 3 shows the comparison of the Accuracy of each method; as shown in FIG. 3, compared with the other three methods, the present invention effectively improves the detection accuracy.
Further, referring to FIG. 4, in the present embodiment, indexes such as Precision, Recall, and F1_score are tested through a simulation experiment, and it is easily seen that the present invention is superior to the other three existing methods in terms of Precision, Recall, and F1_score, so that more effective intrusion detection can be provided, thereby effectively improving the security of the network device.
In addition, referring to fig. 5, the FRR of the present invention has significant advantages, and can reduce the waste of network resources on the FRR, thereby improving the protection performance of the security device.
In conclusion, the invention has obvious advantages compared with the GRU-based intrusion detection method, the AE-LSTM-based intrusion detection method and the SAE-BP-based intrusion detection method. This is because the SAE-BP based intrusion detection method fails to take the timing of data into account compared to the other three methods. In addition, compared with an intrusion detection method based on GRU and an intrusion detection method based on AE-LSTM, the invention can better process the relationship between the past time data and the current time data.
Next, the present embodiment analyzes efficiency. FIG. 6 shows the time overhead of test set detection for the present invention and the other three methods, and FIG. 7 shows the time overhead of detecting each piece of data.
As can be seen from fig. 6 and 7, the efficiency of the present invention is second only to GRU-based intrusion detection methods. The reason is that ARN has a larger total number of operations than GRU. Meanwhile, the SAE-BP-based intrusion detection method and the AE-LSTM-based intrusion detection method are both composed of two different neural networks, and the realization of the two methods has more activation functions to carry out nonlinear transformation, so the total operation times are more.
In conclusion, the efficiency of the invention is close to that of the GRU-based intrusion detection method, and is superior to that of the other two methods. In addition, the invention has better accuracy.
While the invention has been described with reference to a preferred embodiment, it will be understood by those skilled in the art that various changes in form and detail may be made therein without departing from the spirit and scope of the invention as defined by the appended claims.

Claims (5)

1. An Internet of things intrusion detection method based on an associative neural network (ARN), which is characterized by comprising the following steps:
initializing intrusion detection data into a training data set and a testing data set;
inputting the training data set into an ARN-based intrusion detection model for modeling to obtain a trained ARN model;
inputting the test data set into a trained ARN model to obtain a detection result;
and comparing the detection result with the real value to obtain a corresponding comparison result.
2. The method of claim 1, wherein the intrusion detection of the Internet of things based on the ARN is performed by a mobile terminal,
the ARN-based intrusion detection model is a variant model of a recurrent neural network, and self-attention is used for learning the relation between the past hidden state and the input information at the current moment.
3. The method of claim 2, wherein the intrusion detection of the Internet of things based on the ARN is performed by the network,
the implementation process of the ARN-based intrusion detection model comprises the following steps:
using the weights $W_x$ and
Figure FDA0003659672150000011
of the current input $X_t$ and the past hidden state $h_{t-1}$ to initialize $X_t$ and $h_{t-1}$, so that the current input $X_t$ and the past hidden state $h_{t-1}$ have the same matrix dimensions;
using stack to splice the past hidden state $h_{t-1}$ and the current input $h_t$ together to construct the self-attention input data;
using self-attention to learn the relationship between the past hidden state $h_{t-1}$ and the current input $X_t$, constructing a complementary matrix $h'_{t-1}$;
supplementing the complementary matrix $h'_{t-1}$ to the current input $X_t$ to reset the hidden state $h_t$ at the current moment.
4. The method of claim 3, wherein the intrusion detection of the Internet of things based on the ARN is carried out,
the complementary matrix $h'_{t-1}$ contains the part of the current input $X_t$ that is associated with the past hidden state $h_{t-1}$, and the part of the past hidden state $h_{t-1}$ that remains after removing the redundant part that can be characterized by the current input $X_t$.
5. The method of claim 3, wherein the intrusion detection of the Internet of things based on the ARN is performed by a mobile terminal,
the reset current-time hidden state $h_t$ removes the redundant part of the past hidden state that can be represented by the current time information, and highlights the part of the current time information that is associated with the past hidden state.
CN202210572955.9A 2022-05-24 2022-05-24 ARN-based Internet of things intrusion detection method Active CN115021987B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210572955.9A CN115021987B (en) 2022-05-24 2022-05-24 ARN-based Internet of things intrusion detection method

Publications (2)

Publication Number Publication Date
CN115021987A true CN115021987A (en) 2022-09-06
CN115021987B CN115021987B (en) 2024-04-05

Family

ID=83069244

Country Status (1)

Country Link
CN (1) CN115021987B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant