Research and Implementation of a Network Intrusion Detection System Based on TabTransformer
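DOI: 10.12677/csa.2026.165163. Supported by national science and technology funding.
Authors: Yi Haotian (易皓天), Lou Qijun (楼其俊), Yin Mingyu (尹铭宇), Lin Haojun (林濠浚): School of Cyberspace Security, Ningbo University of Technology, Ningbo, Zhejiang
Keywords: Cyber Security, Attack Detection, Traffic Analysis, Network Intrusion Detection, TabTransformer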
Abstract: As network attack methods grow more complex and diverse, traditional intrusion detection methods face performance bottlenecks in complex traffic environments. To address the high-dimensional features and complex feature interactions in network traffic data, this paper designs and implements an end-to-end network intrusion detection system based on TabTransformer. By introducing feature embedding and a self-attention mechanism, it captures the complex nonlinear relationships in network traffic data. Comparative experiments on the public datasets CIC-IDS2017 and UNSW-NB15 show that the system outperforms typical deep learning models such as CNN, RNN, and LSTM on accuracy, F1-Score, PR-AUC, and other metrics. Its F1-Score reaches above 0.98 on both datasets, offering a reference for applying the Transformer to intrusion detection.
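Cite this article: Yi Haotian, Lou Qijun, Yin Mingyu, Lin Haojun. Research and Implementation of a Network Intrusion Detection System Based on TabTransformer[J]. Computer Science and Application, 2026, 16(5): 49-57. https://doi.org/10.12677/csa.2026.165163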
