Yanli Tu, Yu Wu, Shizheng Feng, Jiaxin Ren, Han Shen, Yuzhen Zhang, Qianwen Liu
{"title":"基于特征融合和加权关注的威胁流分类方法","authors":"Yanli Tu, Yu Wu, Shizheng Feng, Jiaxin Ren, Han Shen, Yuzhen Zhang, Qianwen Liu","doi":"10.1002/dac.70092","DOIUrl":null,"url":null,"abstract":"<div>\n \n <p>With the rapid development of the Internet, the increasing network traffic has brought a greater burden to network management. At the same time, abnormal traffic attacks on network equipment pose significant security risks. Classifying network traffic on network devices is an important way to protect information security. However, due to the vast amount and high-dimensional attributes of traffic data, existing traffic classification models are mostly complex in structure, with a large number of parameters, making them difficult to apply to network devices with limited computing resources. Hence, this paper proposes a threat flow classification method based on feature fusion and weighted attention (FFWCA) to save storage and computing costs while ensuring model accuracy. Firstly, it constructs a lightweight multiscale feature extraction module by dilated convolutions and <span></span><math>\n <semantics>\n <mrow>\n <mn>1</mn>\n <mo>×</mo>\n <mn>1</mn>\n </mrow>\n <annotation>$$ 1\\times 1 $$</annotation>\n </semantics></math> convolutions to fuse features of different receptive field sizes. Then, it constructs an inverted residual structure embedded with a weighted coordinate attention mechanism, to extract accurate features for traffic classification and mitigate the gradient vanishing phenomenon brought by the lightweight model, a chapter. Finally, it constructs a fully convolutional structure classifier to reduce the computational overhead brought by the fully connected layer classifier while ensuring the model's nonlinear complexity. FFWCA significantly reduces the model's computational overhead and the number of parameters by incorporating a lightweight multiscale feature extraction module and a weighted coordinate attention mechanism, so that it can be efficiently deployed on network devices with constrain computing resources. Experiments on two public network traffic datasets, Bot-IoT and USTC-TFC2016, demonstrate that FFWCA achieves a balance between performance and lightweight and is suitable for edge computing and IoT devices.</p>\n </div>","PeriodicalId":13946,"journal":{"name":"International Journal of Communication Systems","volume":"38 9","pages":""},"PeriodicalIF":1.7000,"publicationDate":"2025-05-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A Threat Flow Classification Method Based on Feature Fusion and Weighted Attention\",\"authors\":\"Yanli Tu, Yu Wu, Shizheng Feng, Jiaxin Ren, Han Shen, Yuzhen Zhang, Qianwen Liu\",\"doi\":\"10.1002/dac.70092\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div>\\n \\n <p>With the rapid development of the Internet, the increasing network traffic has brought a greater burden to network management. At the same time, abnormal traffic attacks on network equipment pose significant security risks. Classifying network traffic on network devices is an important way to protect information security. However, due to the vast amount and high-dimensional attributes of traffic data, existing traffic classification models are mostly complex in structure, with a large number of parameters, making them difficult to apply to network devices with limited computing resources. Hence, this paper proposes a threat flow classification method based on feature fusion and weighted attention (FFWCA) to save storage and computing costs while ensuring model accuracy. Firstly, it constructs a lightweight multiscale feature extraction module by dilated convolutions and <span></span><math>\\n <semantics>\\n <mrow>\\n <mn>1</mn>\\n <mo>×</mo>\\n <mn>1</mn>\\n </mrow>\\n <annotation>$$ 1\\\\times 1 $$</annotation>\\n </semantics></math> convolutions to fuse features of different receptive field sizes. Then, it constructs an inverted residual structure embedded with a weighted coordinate attention mechanism, to extract accurate features for traffic classification and mitigate the gradient vanishing phenomenon brought by the lightweight model, a chapter. Finally, it constructs a fully convolutional structure classifier to reduce the computational overhead brought by the fully connected layer classifier while ensuring the model's nonlinear complexity. FFWCA significantly reduces the model's computational overhead and the number of parameters by incorporating a lightweight multiscale feature extraction module and a weighted coordinate attention mechanism, so that it can be efficiently deployed on network devices with constrain computing resources. Experiments on two public network traffic datasets, Bot-IoT and USTC-TFC2016, demonstrate that FFWCA achieves a balance between performance and lightweight and is suitable for edge computing and IoT devices.</p>\\n </div>\",\"PeriodicalId\":13946,\"journal\":{\"name\":\"International Journal of Communication Systems\",\"volume\":\"38 9\",\"pages\":\"\"},\"PeriodicalIF\":1.7000,\"publicationDate\":\"2025-05-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Communication Systems\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://onlinelibrary.wiley.com/doi/10.1002/dac.70092\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"ENGINEERING, ELECTRICAL & ELECTRONIC\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Communication Systems","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1002/dac.70092","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"ENGINEERING, ELECTRICAL & ELECTRONIC","Score":null,"Total":0}
A Threat Flow Classification Method Based on Feature Fusion and Weighted Attention
With the rapid development of the Internet, the increasing network traffic has brought a greater burden to network management. At the same time, abnormal traffic attacks on network equipment pose significant security risks. Classifying network traffic on network devices is an important way to protect information security. However, due to the vast amount and high-dimensional attributes of traffic data, existing traffic classification models are mostly complex in structure, with a large number of parameters, making them difficult to apply to network devices with limited computing resources. Hence, this paper proposes a threat flow classification method based on feature fusion and weighted attention (FFWCA) to save storage and computing costs while ensuring model accuracy. Firstly, it constructs a lightweight multiscale feature extraction module by dilated convolutions and convolutions to fuse features of different receptive field sizes. Then, it constructs an inverted residual structure embedded with a weighted coordinate attention mechanism, to extract accurate features for traffic classification and mitigate the gradient vanishing phenomenon brought by the lightweight model, a chapter. Finally, it constructs a fully convolutional structure classifier to reduce the computational overhead brought by the fully connected layer classifier while ensuring the model's nonlinear complexity. FFWCA significantly reduces the model's computational overhead and the number of parameters by incorporating a lightweight multiscale feature extraction module and a weighted coordinate attention mechanism, so that it can be efficiently deployed on network devices with constrain computing resources. Experiments on two public network traffic datasets, Bot-IoT and USTC-TFC2016, demonstrate that FFWCA achieves a balance between performance and lightweight and is suitable for edge computing and IoT devices.
期刊介绍:
The International Journal of Communication Systems provides a forum for R&D, open to researchers from all types of institutions and organisations worldwide, aimed at the increasingly important area of communication technology. The Journal''s emphasis is particularly on the issues impacting behaviour at the system, service and management levels. Published twelve times a year, it provides coverage of advances that have a significant potential to impact the immense technical and commercial opportunities in the communications sector. The International Journal of Communication Systems strives to select a balance of contributions that promotes technical innovation allied to practical relevance across the range of system types and issues.
The Journal addresses both public communication systems (Telecommunication, mobile, Internet, and Cable TV) and private systems (Intranets, enterprise networks, LANs, MANs, WANs). The following key areas and issues are regularly covered:
-Transmission/Switching/Distribution technologies (ATM, SDH, TCP/IP, routers, DSL, cable modems, VoD, VoIP, WDM, etc.)
-System control, network/service management
-Network and Internet protocols and standards
-Client-server, distributed and Web-based communication systems
-Broadband and multimedia systems and applications, with a focus on increased service variety and interactivity
-Trials of advanced systems and services; their implementation and evaluation
-Novel concepts and improvements in technique; their theoretical basis and performance analysis using measurement/testing, modelling and simulation
-Performance evaluation issues and methods.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
