A Deep Learning-Based Model for Classifying Malicious Network Traffic

Abstract

Network traffic, as a carrier of information transmission and interaction, portrays the behavior trajectory of users and functions as an important approach to detect network attacks and analyze network anomalies. To address the problems such as low recognition rate, high false alarm rate and inability to detect unknown traffic due to the difficulty of traffic feature extraction, over-reliance on manual experience and feature techniques in traditional network traffic analysis practice, this paper proposes a network traffic classification method that integrates mutual information and convolutional neural network, which, not relying too much on manual feature extraction, assigns weights to network features by mutual information and accomplishes the classification and analysis of malicious traffic based on convolutional neural network and short and long-term memory network. The experimental results show that the method can greatly improve the detection rate of malicious traffic with excellent robustness and generalization while reducing the artificial dependence.