AI Chat Paper
Note: Please note that the following content is generated by AMiner AI. SciOpen does not take any responsibility related to this content.
{{lang === 'zh_CN' ? '文章概述' : 'Summary'}}
{{lang === 'en_US' ? '中' : 'Eng'}}
Chat more with AI
Powered by AMiner. Clicking this button will take you away from SciOpen.
Home Journal of Tsinghua University (Science and Technology) Article
PDF (1.3 MB)
Cite
EndNote(RIS) BibTeX
Collect
Submit Manuscript AI Chat Paper
Show Outline
Outline
Show full outline
Hide outline
Outline
Show full outline
Hide outline
Publishing Language: Chinese

Network security situation assessments with parallel feature extraction and an improved BiGRU

Hongyu YANG1,2( )Zixin ZHANG2Liang ZHANG3
School of Safety Science and Engineering, Civil Aviation University of China, Tianjin 300300, China
School of Computer Science and Technology, Civil Aviation University of China, Tianjin 300300, China
Department of Information, University of Arizona, Tucson 85721, USA
Show Author Information

Abstract

Current network security situation assessment methods have limited feature extraction capabilities and can be more efficient. This paper presents a network security situation assessment method that uses a parallel feature extraction network (PFEN) and an improved bi-directional gate recurrent unit (BiGRU). A deep learning model is designed with a PFEN and a BiGRU based on an attention mechanism (ABiGRU). The PFEN module has parallel sparse auto-encoders which identify key data out of the network traffic and integrate this data with the original features. Then, the ABiGRU module weights the key features through the attention mechanism to improve the model accuracy. The trained PFEN-ABiGRU is then applied to network threat detection. The model detection results are combined with a network security quantification method to calculate a network security situation index. Tests indicate that the PFEN-ABiGRU assessments have better accuracy and recall rates than other model assessment results.

Keywords

attention mechanismparallel feature extractionbi-directional gate recurrent unit (BiGRU)situation assessments
CLC number: TP309 Document code: A Article ID: 1000-0054(2022)05-0842-07

References

[1]
CHEN C, YE L, YU X Z, et al. A survey of network security situational awareness technology [C]// International Conference on Artificial Intelligence and Security. New York, USA: Springer, 2019: 101-109.
Crossref
[2]

WEN L. Security evaluation of computer network based on hierarchy [J]. International Journal of Network Security, 2019, 21(5): 735-740.
Google Scholar
[3]

YANG M, JIANG R, GAO T L, et al. Research on cloud computing security risk assessment based on information entropy and Markov chain [J]. International Journal of Network Security, 2018, 20(4): 664-673.
Google Scholar
[4]
LI X N, LI M G, WANG H. Research on network security risk assessment method based on Bayesian reasoning [C]// 2019 IEEE 9th International Conference on Electronics Information and Emergency Communication (ICEIEC). Beijing, 2019: 1-7.
Crossref
[5]

ZHAO Z W, PENG Y, HUANG J H, et al. An evaluation method of network security situation using data fusion theory [J]. International Journal of Performability Engineering, 2020, 16(7): 1046-1057.
Crossref Google Scholar
[6]

ZHAO D M, SONG H Q, LI H. Fuzzy integrated rough set theory situation feature extraction of network security [J]. Journal of Intelligent & Fuzzy Systems, 2021, 40(4): 8439-8450.
Crossref Google Scholar
[7]
DONG G S, LI W C, WANG S W, et al. The assessment method of network security situation based on improved BP neural network [C]// The 8th International Conference on Computer Engineering and Networks. Berlin, Germany: Springer, 2018: 67-76.
Crossref
[8]
LIN Y, WANG J, TU Y, et al. Time-related network intrusion detection model: A deep learning method [C]// 2019 IEEE Global Communications Conference (GLOBECOM). Waikoloa, USA, 2019: 1-6.
Crossref
[9]
JAVAID A, NIYAZ Q, SUN W Q, et al. A deep learning approach for network intrusion detection system [C]// Proceedings of the 9th EAI International Conference on Bio-Inspired Information and Communications Technologies (Formerly BIONETICS). Brussels, Belgium: ICST, 2016: 21-26.
Crossref
[10]
LIU T L, YU Q, LIANG S, et al. Locate-then-detect: Real-time web attack detection via attention-based deep neural networks [C]// Proceedings of the 28th International Joint Conference on Artificial Intelligence Main Track (IJCAI). San Francisco, USA: Morgan Kaufmann, 2019: 4725-4731.
Crossref
[11]

HU J J, MA D Y, LIU C, et al. Network security situation prediction based on MR-SVM [J]. IEEE Access, 2019, 7: 130937-130945.
Crossref Google Scholar
[12]
LUONG M T, PHAM H, MANNING C D. Effective approaches to attention-based neural machine translation [C]// Proceedings of the 2015 Conference on Empirical Methods in Natural Language Processing. Lisbon, Portugal: ACL, 2015: 1412-1421.
Crossref
[13]

LIU X W, WANG H Q, LÜ H W, et al. Fusion-based cognitive awareness-control model for network security situation [J]. Journal of Software, 2016, 27(8): 2099-2114. (in Chinese)
Google Scholar
[14]
Forum of Incident Response and Security Teams. Common vulnerability scoring system v3.1: Specification document [EB/OL]. [2020-06-22]. https://www.first.org/cvss/specification-document.
[15]

State Council of the People's Republic of China. Overall emergency plans for national sudden public incidents [M]. Beijing: China Legal Press, 2006. (in Chinese)
[16]

FERRAG M A, MAGLARAS L, MOSCHOYIANNIS S, et al. Deep learning for cyber security intrusion detection: Approaches, datasets, and comparative study [J]. Journal of Information Security and Applications, 2020, 50: 102419.
Crossref Google Scholar
[17]

YANG H Y, WANG F Y, LÜ W L. Network security threat assessment method based on unsupervised generation reasoning [J]. Journal of Tsinghua University (Science and Technology), 2020, 60(6): 474-484. (in Chinese)
Google Scholar
[18]

YANG L Q, ZHANG J W, WANG X Z, et al. An improved ELM-based and data preprocessing integrated approach for phishing detection considering comprehensive features [J]. Expert Systems with Applications, 2021, 165: 113863.
Crossref Google Scholar
Journal of Tsinghua University (Science and Technology)
Volume 62 Issue 5,
May 2022
Pages 842-848
DOI: 10.16511/j.cnki.qhdxxb.2022.22.006
Cite this article:
YANG H, ZHANG Z, ZHANG L. Network security situation assessments with parallel feature extraction and an improved BiGRU. Journal of Tsinghua University (Science and Technology), 2022, 62(5): 842-848. https://doi.org/10.16511/j.cnki.qhdxxb.2022.22.006

102

Views

0

Downloads

0

Crossref

7

Scopus

3

CSCD

Altmetrics
Received: 22 September 2021
Published: 15 May 2022
© Journal of Tsinghua University (Science and Technology). All rights reserved.
Return