摘要
为解决网络入侵检测中信息利用不充分、特征维度不完整的问题,提出一种基于N-gram频率和1DCAN-DAT的网络入侵检测模型。该模型通过1D-CAN分别提取流量包头和有效载荷特征,创新性地使用N-gram频率表示有效载荷上下文信息。引入1D-DAT构建关联特征,并提取深层次会话特征。实验结果表明,不同攻击类型的加权检测准确率达到了97.68%,同部分现有研究相比有所提升。
In order to solve the problem of insufficient information utilization and incomplete feature dimension in network intrusion detection,a network intrusion detection model based on N-gram frequency and 1D-CAN-DAT is proposed.The model extracts the traffic header and effective payload characteristics respectively through 1D-CAN,where the N-gram frequency is innovatively used to represent the effective payload context information.In addition,1D-DAT is introduced to construct association features and to extract deep conversation features.The experimental results show that the weighted detection accuracy of different attack types reaches 97.68%,which is improved compared with those of some existing studies.
作者
郑淳戈
安洋
赵利辉
孟迪
ZHENG Chunge;AN Yang;ZHAO Lihui;MENG Di(School of Software,North University of China,Taiyuan 030051,China;North Automatic Control Technology Institute,Taiyuan 030006,China)
出处
《火力与指挥控制》
北大核心
2025年第9期54-64,共11页
Fire Control & Command Control
基金
山西省青年科学研究基金资助项目(202203021212114)。
