MTC-NET: A Multi-Channel Independent Anomaly Detection Method for Network Traffic.

IF 3.4 3区 医学 Q1 ENGINEERING, MULTIDISCIPLINARY
Xiaoyong Zhao, Chengjin Huang, Lei Wang
{"title":"MTC-NET: A Multi-Channel Independent Anomaly Detection Method for Network Traffic.","authors":"Xiaoyong Zhao, Chengjin Huang, Lei Wang","doi":"10.3390/biomimetics9100615","DOIUrl":null,"url":null,"abstract":"<p><p>In recent years, deep learning-based approaches, particularly those leveraging the Transformer architecture, have garnered widespread attention for network traffic anomaly detection. However, when dealing with noisy data sets, directly inputting network traffic sequences into Transformer networks often significantly degrades detection performance due to interference and noise across dimensions. In this paper, we propose a novel multi-channel network traffic anomaly detection model, MTC-Net, which reduces computational complexity and enhances the model's ability to capture long-distance dependencies. This is achieved by decomposing network traffic sequences into multiple unidimensional time sequences and introducing a patch-based strategy that enables each sub-sequence to retain local semantic information. A backbone network combining Transformer and CNN is employed to capture complex patterns, with information from all channels being fused at the final classification header in order to achieve modelling and detection of complex network traffic patterns. The experimental results demonstrate that MTC-Net outperforms existing state-of-the-art methods in several evaluation metrics, including accuracy, precision, recall, and F1 score, on four publicly available data sets: KDD Cup 99, NSL-KDD, UNSW-NB15, and CIC-IDS2017.</p>","PeriodicalId":8907,"journal":{"name":"Biomimetics","volume":"9 10","pages":""},"PeriodicalIF":3.4000,"publicationDate":"2024-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.ncbi.nlm.nih.gov/pmc/articles/PMC11506297/pdf/","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Biomimetics","FirstCategoryId":"5","ListUrlMain":"https://doi.org/10.3390/biomimetics9100615","RegionNum":3,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"ENGINEERING, MULTIDISCIPLINARY","Score":null,"Total":0}
引用次数: 0

Abstract

In recent years, deep learning-based approaches, particularly those leveraging the Transformer architecture, have garnered widespread attention for network traffic anomaly detection. However, when dealing with noisy data sets, directly inputting network traffic sequences into Transformer networks often significantly degrades detection performance due to interference and noise across dimensions. In this paper, we propose a novel multi-channel network traffic anomaly detection model, MTC-Net, which reduces computational complexity and enhances the model's ability to capture long-distance dependencies. This is achieved by decomposing network traffic sequences into multiple unidimensional time sequences and introducing a patch-based strategy that enables each sub-sequence to retain local semantic information. A backbone network combining Transformer and CNN is employed to capture complex patterns, with information from all channels being fused at the final classification header in order to achieve modelling and detection of complex network traffic patterns. The experimental results demonstrate that MTC-Net outperforms existing state-of-the-art methods in several evaluation metrics, including accuracy, precision, recall, and F1 score, on four publicly available data sets: KDD Cup 99, NSL-KDD, UNSW-NB15, and CIC-IDS2017.

MTC-NET:网络流量的多通道独立异常检测方法。
近年来,基于深度学习的方法,尤其是那些利用 Transformer 架构的方法,在网络流量异常检测方面获得了广泛关注。然而,在处理高噪声数据集时,由于跨维度的干扰和噪声,将网络流量序列直接输入 Transformer 网络往往会大大降低检测性能。在本文中,我们提出了一种新型的多通道网络流量异常检测模型 MTC-Net,它降低了计算复杂度,并增强了模型捕捉长距离依赖关系的能力。具体做法是将网络流量序列分解为多个单维时间序列,并引入基于补丁的策略,使每个子序列都能保留本地语义信息。结合 Transformer 和 CNN 的骨干网络用于捕捉复杂模式,在最终分类头融合来自所有通道的信息,以实现复杂网络流量模式的建模和检测。实验结果表明,在四个公开数据集上,MTC-Net 在准确度、精确度、召回率和 F1 分数等多个评估指标上都优于现有的先进方法:这些数据集包括:KDD Cup 99、NSL-KDD、UNSW-NB15 和 CIC-IDS2017。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
Biomimetics
Biomimetics Biochemistry, Genetics and Molecular Biology-Biotechnology
CiteScore
3.50
自引率
11.10%
发文量
189
审稿时长
11 weeks
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信