基于改进残差网络与注意力机制的网络入侵检测方法
Network Intrusion Detection Method Based on Improved Residual Network and Attention Mechanism
摘要: 当前,网络攻击手段的复杂性不断升级,传统入侵检测技术因自身局限性,已难以应对现代网络安全的挑战。具体而言,基于规则的模型无法适应攻击模式的快速变化,难以检测未知攻击;基于特征的方法则因特征提取的准确性和效率不足,容易在新型攻击面前出现误报或漏报。为此本文提出了一种基于改进残差网络(ResNet)和注意力机制的网络入侵检测模型。该模型结合了自动编码器(AutoEncoder)进行特征提取,利用残差网络的深层结构进行特征学习,并引入多头注意力机制以增强特征表示能力。实验结果表明,该模型展现出了优异的表现,其中模型精确率达到了97.27%,F1-score达到了97.78%,模型的损失值(Loss)在训练过程中持续下降并趋于稳定,保持在0.01左右,这些结果验证了模型在处理复杂网络入侵数据时的有效性和可行性,为网络安全领域提供了一种新的解决方案。
Abstract: At present, the complexity of network attack means is escalating, and the traditional intrusion detection technology has been difficult to meet the challenges of modern network security because of its own limitations. Specifically, the rule-based model can not adapt to the rapid changes of attack patterns, and it is difficult to detect unknown attacks; Feature-based methods are prone to false positives or false negatives in the face of new attacks because of the lack of accuracy and efficiency of feature extraction. Therefore, this paper proposes a network intrusion detection model based on improved residual network (ResNet) and attention mechanism. This model combines AutoEncoder to extract features, uses the deep structure of residual network to learn features, and introduces multi-head attention mechanism to enhance the ability of feature representation. The experimental results show that the model shows excellent performance, in which the accuracy rate of the model reaches 97.27%, the F1-score reaches 97.78%, and the Loss value of the model keeps decreasing and tends to be stable during the training process, and keeps around 0.01. These results verify the effectiveness and feasibility of the model in dealing with complex network intrusion data, and provide a new solution for the field of network security.
文章引用:荆韬, 谢子翔, 陶薇, 杨凯. 基于改进残差网络与注意力机制的网络入侵检测方法[J]. 计算机科学与应用, 2025, 15(9): 174-182. https://doi.org/10.12677/csa.2025.159235

参考文献

[1] Wu, Y., Zou, B. and Cao, Y. (2024) Current Status and Challenges and Future Trends of Deep Learning-Based Intrusion Detection Models. Journal of Imaging, 10, Article 254. [Google Scholar] [CrossRef] [PubMed]
[2] Cao, B., Li, C., Song, Y. and Fan, X. (2022) Network Intrusion Detection Technology Based on Convolutional Neural Network and BiGRU. Computational Intelligence and Neuroscience, 2022, Article ID: 1942847. [Google Scholar] [CrossRef] [PubMed]
[3] Fatani, A., Dahou, A., Abd Elaziz, M., Al-qaness, M.A.A., Lu, S., Alfadhli, S.A., et al. (2023) Enhancing Intrusion Detection Systems for IoT and Cloud Environments Using a Growth Optimizer Algorithm and Conventional Neural Networks. Sensors, 23, Article 4430. [Google Scholar] [CrossRef] [PubMed]
[4] Debicha, I., Bauwens, R., Debatty, T., Dricot, J., Kenaza, T. and Mees, W. (2023) TAD: Transfer Learning-Based Multi-Adversarial Detection of Evasion Attacks against Network Intrusion Detection Systems. Future Generation Computer Systems, 138, 185-197. [Google Scholar] [CrossRef
[5] Vu, L., Nguyen, Q.U., Nguyen, D.N., Hoang, D.T. and Dutkiewicz, E. (2023) Deep Generative Learning Models for Cloud Intrusion Detection Systems. IEEE Transactions on Cybernetics, 53, 565-577. [Google Scholar] [CrossRef] [PubMed]
[6] Alazab, M., Khurma, R.A., Awajan, A. and Camacho, D. (2022) A New Intrusion Detection System Based on Moth—Flame Optimizer Algorithm. Expert Systems with Applications, 210, Article ID: 118439. [Google Scholar] [CrossRef
[7] 谢英辉, 刘亮. 物联网入侵检测模型的RFLE算法[J]. 空天预警研究学报, 2025, 39(3): 203-208.
[8] 金志刚, 刘凯, 陈旭阳, 等. 基于对比学习和关系蒸馏的增量式入侵检测方法[J/OL]. 哈尔滨工业大学学报: 1-10.
http://kns.cnki.net/kcms/detail/23.1235.t.20250611.1804.006.html, 2025-06-16.
[9] 黄冬梅, 颜昊, 张文博, 等. 基于Powershap和混合采样的动态集成入侵检测模型[J/OL]. 电信科学: 1-14.
http://kns.cnki.net/kcms/detail/11.2103.TN.20250611.1455.022.html, 2025-06-16.
[10] 郑锦波, 王慧玲. 一种混合特征选择的朴素贝叶斯网络入侵检测算法[J/OL]. 南京师大学报(自然科学版): 1-11.
http://kns.cnki.net/kcms/detail/32.1239.N.20250610.1445.008.html, 2025-06-16.
[11] 王立红, 刘新倩, 李静, 等. 基于联邦学习和时空特征融合的网络入侵检测方法[J]. 浙江大学学报(工学版), 2025, 59(6): 1201-1210.
http://kns.cnki.net/kcms/detail/33.1245.T.20250604.1009.014.html
[12] Li, X., Zheng, Z., Zhao, M., Zhao, Y., Shi, L. and Wang, B. (2025) RLFE-IDS: A Framework of Intrusion Detection System Based on Retrieval Augmented Generation and Large Language Model. Computer Networks, 268, Article ID: 111341. [Google Scholar] [CrossRef
[13] Song, W., Zhu, X., Ren, S., Tan, W. and Peng, Y. (2025) A Hybrid Blockchain and Machine Learning Approach for Intrusion Detection System in Industrial Internet of Things. Alexandria Engineering Journal, 127, 619-627. [Google Scholar] [CrossRef
[14] 曾庆瑞. 基于自监督学习的计算机信息入侵检测算法研究[J]. 信息记录材料, 2025, 26(6): 111-113.
[15] 韩英. 基于变分自编码器和CNN-BiLSTM的网络入侵检测模型研究[J]. 佳木斯大学学报(自然科学版), 2025, 43(4): 19-22.
https://d.wanfangdata.com.cn/periodical/jmsdxxb202504005
[16] 刘拥民, 许成, 黄浩, 等. 基于SAE和WGAN的入侵检测方法研究[J]. 计算机工程与科学, 2025, 47(2): 256-264.