{"title":"DMSE:一种基于深度多堆叠集成学习的高效恶意流量检测模型","authors":"Saihua Cai, Yang Zhang, Yanghang Li, Yupeng Wang, Jiayao Li, Xiang Zhou","doi":"10.1007/s10489-025-06819-1","DOIUrl":null,"url":null,"abstract":"<div><p>In the context of increasing cyber threats, developing an efficient malicious traffic detection model to recognize the cyber attacks has become an urgent demand in the field of cyber security. This paper proposes an efficient malicious traffic detection model called DMSE based on deep multi-stacking ensemble learning, it is primarily consisted of feature representation module, base model detection module and multi-stacking ensemble learning module. In the feature representation phase, we propose a novel RGB image representation method, which hierarchically represents the global and local features of network traffic by allocating the information to three channels of RGB images. In the base model detection phase, we adopt five different deep learning models—CNN, TCN, LSTM, BiLSTM and BiTCN—as base models for the first-stage prediction. In the multi-stacking ensemble learning phase, we adopt the best-performing BiTCN from extensive experiments as the meta-learner to perform a second prediction using the results from the first stage, thereby obtaining the final detection result. Experiments conducted on USTC-TFC2016, CTU and ISAC datasets demonstrate that the proposed DMSE model significantly outperforms existing ensemble learning-based detection models in terms of accuracy, F1-score, false positive rate (FPR), true positive rate (TPR) and stability. The experimental results indicate that the proposed DMSE model can effectively identify and defend against network attacks, providing the new perspectives and technical support for maintaining a secure network environment.</p></div>","PeriodicalId":8041,"journal":{"name":"Applied Intelligence","volume":"55 14","pages":""},"PeriodicalIF":3.5000,"publicationDate":"2025-09-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"DMSE: An efficient malicious traffic detection model based on deep multi-stacking ensemble learning\",\"authors\":\"Saihua Cai, Yang Zhang, Yanghang Li, Yupeng Wang, Jiayao Li, Xiang Zhou\",\"doi\":\"10.1007/s10489-025-06819-1\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><p>In the context of increasing cyber threats, developing an efficient malicious traffic detection model to recognize the cyber attacks has become an urgent demand in the field of cyber security. This paper proposes an efficient malicious traffic detection model called DMSE based on deep multi-stacking ensemble learning, it is primarily consisted of feature representation module, base model detection module and multi-stacking ensemble learning module. In the feature representation phase, we propose a novel RGB image representation method, which hierarchically represents the global and local features of network traffic by allocating the information to three channels of RGB images. In the base model detection phase, we adopt five different deep learning models—CNN, TCN, LSTM, BiLSTM and BiTCN—as base models for the first-stage prediction. In the multi-stacking ensemble learning phase, we adopt the best-performing BiTCN from extensive experiments as the meta-learner to perform a second prediction using the results from the first stage, thereby obtaining the final detection result. Experiments conducted on USTC-TFC2016, CTU and ISAC datasets demonstrate that the proposed DMSE model significantly outperforms existing ensemble learning-based detection models in terms of accuracy, F1-score, false positive rate (FPR), true positive rate (TPR) and stability. The experimental results indicate that the proposed DMSE model can effectively identify and defend against network attacks, providing the new perspectives and technical support for maintaining a secure network environment.</p></div>\",\"PeriodicalId\":8041,\"journal\":{\"name\":\"Applied Intelligence\",\"volume\":\"55 14\",\"pages\":\"\"},\"PeriodicalIF\":3.5000,\"publicationDate\":\"2025-09-06\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Applied Intelligence\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://link.springer.com/article/10.1007/s10489-025-06819-1\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Applied Intelligence","FirstCategoryId":"94","ListUrlMain":"https://link.springer.com/article/10.1007/s10489-025-06819-1","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}
DMSE: An efficient malicious traffic detection model based on deep multi-stacking ensemble learning
In the context of increasing cyber threats, developing an efficient malicious traffic detection model to recognize the cyber attacks has become an urgent demand in the field of cyber security. This paper proposes an efficient malicious traffic detection model called DMSE based on deep multi-stacking ensemble learning, it is primarily consisted of feature representation module, base model detection module and multi-stacking ensemble learning module. In the feature representation phase, we propose a novel RGB image representation method, which hierarchically represents the global and local features of network traffic by allocating the information to three channels of RGB images. In the base model detection phase, we adopt five different deep learning models—CNN, TCN, LSTM, BiLSTM and BiTCN—as base models for the first-stage prediction. In the multi-stacking ensemble learning phase, we adopt the best-performing BiTCN from extensive experiments as the meta-learner to perform a second prediction using the results from the first stage, thereby obtaining the final detection result. Experiments conducted on USTC-TFC2016, CTU and ISAC datasets demonstrate that the proposed DMSE model significantly outperforms existing ensemble learning-based detection models in terms of accuracy, F1-score, false positive rate (FPR), true positive rate (TPR) and stability. The experimental results indicate that the proposed DMSE model can effectively identify and defend against network attacks, providing the new perspectives and technical support for maintaining a secure network environment.
期刊介绍:
With a focus on research in artificial intelligence and neural networks, this journal addresses issues involving solutions of real-life manufacturing, defense, management, government and industrial problems which are too complex to be solved through conventional approaches and require the simulation of intelligent thought processes, heuristics, applications of knowledge, and distributed and parallel processing. The integration of these multiple approaches in solving complex problems is of particular importance.
The journal presents new and original research and technological developments, addressing real and complex issues applicable to difficult problems. It provides a medium for exchanging scientific research and technological achievements accomplished by the international community.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
