A Multimodal Threat Detection Algorithm for Wide Area Network Security Based on Support Vector Machines
Author: Bo Yuan
Journal: Journal of Web Engineering, 24(6), pp. 973-996
Published: 2025-09-01 (Journal Article)
DOI: 10.13052/jwe1540-9589.2465
URL: https://ieeexplore.ieee.org/document/11194294/
Impact factor: 1.0; JCR: Q4 (Computer Science, Software Engineering)
Wide area networks (WANs) are increasingly susceptible to sophisticated cyber threats, particularly as critical infrastructure becomes more interconnected. For example, computing-first networks (CFNs) often traverse WANs at edge access nodes, making them more vulnerable to security threats. This paper proposes a multimodal threat detection framework that combines traffic statistics, system logs, and user behavior patterns to deliver interpretable and real-time classification of network threats. The system applies feature normalization and uses principal component analysis (PCA) to reduce dimensionality. A support vector machine (SVM) with a radial basis function kernel is then used to detect non-linear attack patterns. A web-based architecture enables real-time deployment via REST APIs, and extensive evaluations on the CICIDS 2017 and UNSW-NB15 datasets demonstrate high accuracy (up to 96.8%) and low-latency inference. Ablation studies confirm the importance of multimodal fusion, and benchmark tests validate scalability and system responsiveness. This work offers a deployable and efficient solution for real-time WAN security, with promising applications in energy systems, public infrastructure, and enterprise networks.
About the journal:
The World Wide Web and its associated technologies have become a major implementation and delivery platform for a large variety of applications, ranging from simple institutional information Web sites to sophisticated supply-chain management systems, financial applications, e-government, distance learning, and entertainment, among others. Such applications, in addition to their intrinsic functionality, also exhibit the more complex behavior of distributed applications.