LSTM loop neural network model and network attack identification method based on the model

A cyclic neural network and network attack technology, which is applied in the field of network security, can solve problems such as manslaughtering normal business traffic, false positives or false positives, rule conflicts, etc., and achieve the effect of avoiding feature engineering, less feature coding, and smaller weight files

Active Publication Date: 2019-02-05
XIAMEN FUYUN INFORMATION TECH CO LTD
View PDF3 Cites 16 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This rule-based protection method often leads to false positives or false negatives in the face of flexible and changeable network attacks, and the formulation and maintenance of rules requires professional security-related personnel to be responsible. However, it is still difficult to cover attacks With various deformations, it is difficult to effectively deal with unknown attacks and 0day attacks, and there may even be conflicts between rules. In addition, it is difficult to grasp the balance between misjudgments and missed judgments in the formulation of rules. Too strict rules can easily kill normal business by mistake. flow, misjudgment
Rules that are too loose are easily bypassed, resulting in missed judgments

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • LSTM loop neural network model and network attack identification method based on the model
  • LSTM loop neural network model and network attack identification method based on the model
  • LSTM loop neural network model and network attack identification method based on the model

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0036] refer to Figure 1~3 As shown, the present invention provides a kind of LSTM cycle neural network model that is used for network attack category recognition, and the establishment process of described LSTM cycle neural network model comprises the following steps:

[0037] S100: Collect multiple network request data in text format as a training data set, and set a label category for each network request data according to the content of the network request data.

[0038] The multiple refers to a large amount of data in this field, and the larger the amount of data, the more accurate the final model.

[0039] The network request data can be divided into multiple categories according to the type of network attack, mainly divided into normal network request data and attack category network request data, in this embodiment, mainly to distinguish SQL injection attack and XSS attack, therefore, the The above label categories include three types, namely category 1: normal netwo...

Embodiment 2

[0077] A network attack identification method, based on the LSTM cyclic neural network model for network attack category identification described in Embodiment 1, the method includes: preprocessing the network request data to obtain digital sequence data of a preset length, using The LSTM cyclic neural network model identifies the probability of the label category of the digital sequence data to obtain the category probability of each label category, and uses the label category corresponding to the dimension with the largest probability value in the category probability as the label category of the network request data. Choose whether to intercept according to the predicted results.

[0078] The identification of whether to intercept can specifically set a probability threshold, and intercept when the probability of category 2 or category 3 is greater than or equal to the probability threshold, otherwise, do not intercept.

[0079] In this embodiment, the probability threshold...

Embodiment 3

[0081] Such as Figure 5 As shown, a network attack identification system, based on the network attack identification method described in Embodiment 2, includes a data input unit, a data conversion unit, an LSTM model unit and a decision unit, and the data input unit receives the network request data Send to the data conversion unit, after the data conversion unit preprocesses and converts the network request data, after obtaining the digital sequence data of a preset length, sends the digital sequence data to the LSTM model unit, and the LSTM model unit The probability of the label category of the digital sequence data is identified, and the category probability of each label category is output to the decision-making unit, and the decision-making unit judges whether the probability that the data is an attack category is greater than or equal to a preset probability threshold, and if so, If it is intercepted, otherwise, it is not intercepted.

[0082] The attack category is a...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to an LSTM circulating neural network model and a network attack identification method based on the model, The LSTM loop neural network model building process comprises the following steps: S100, collecting network request data of a plurality of text formats as a training data set, and setting label categories for each network request data according to the content of the network request data; S200: preprocessing the network request data in the training data set, and converting the network request data into digital serial data with preset length; S300: According to the digital serial data in the training data set, the LSTM loop neural network model is constructed by training. The invention converts the network request data into digital serial data, and then uses the training data set composed of the data for training to construct the LSTM circulating neural network model, thereby realizing the prediction of the network request data category.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to an LSTM cycle neural network model and a network attack identification method based on the model. Background technique [0002] With the continuous advancement of information strategy and the vigorous development of technologies such as the Internet and cloud computing, more and more enterprise-related businesses have completed digital transformation and moved their business to the network. However, due to the openness and uncontrollability of network applications and the limitations of network application developers, network applications are very likely to have network vulnerabilities that can be exploited. Hackers can use these vulnerabilities to carry out network attacks such as SQL injection and XSS attacks, which bring risks such as website paralysis, information leakage, web page tampering, and Trojan horses, and bring huge losses to the main body of the website an...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06K9/62G06N3/02H04L12/24H04L29/06
CPCH04L41/145H04L63/1441H04L63/306G06N3/02G06F18/2415G06F18/214
Inventor 姚鸿富陈奋陈荣有程长高
Owner XIAMEN FUYUN INFORMATION TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap