Next Article in Journal
Linear Bundle of Lie Algebras Applied to the Classification of Real Lie Algebras
Previous Article in Journal
Quantum Current Algebra Symmetry and Description of Boltzmann Type Kinetic Equations in Statistical Physics
Article

Network Intrusion Detection Based on an Efficient Neural Architecture Search

1
School of Computer Science, Beijing University of Posts and Telecommunications, Beijing 100876, China
2
School of Electronic Engineering, Beijing University of Posts and Telecommunications, Beijing 100876, China
*
Author to whom correspondence should be addressed.
Academic Editors: Victor A. Eremeyev and Rahmat Ellahi
Symmetry 2021, 13(8), 1453; https://doi.org/10.3390/sym13081453
Received: 10 June 2021 / Revised: 22 July 2021 / Accepted: 3 August 2021 / Published: 9 August 2021
(This article belongs to the Section Computer and Engineering Science and Symmetry/Asymmetry)
Deep learning has been applied in the field of network intrusion detection and has yielded good results. In malicious network traffic classification tasks, many studies have achieved good performance with respect to the accuracy and recall rate of classification through self-designed models. In deep learning, the design of the model architecture greatly influences the results. However, the design of the network model architecture usually requires substantial professional knowledge. At present, the focus of research in the field of traffic monitoring is often directed elsewhere. Therefore, in the classification task of the network intrusion detection field, there is much room for improvement in the design and optimization of the model architecture. A neural architecture search (NAS) can automatically search the architecture of the model under the premise of a given optimization goal. For this reason, we propose a model that can perform NAS in the field of network traffic classification and search for the optimal architecture suitable for traffic detection based on the network traffic dataset. Each layer of our depth model is constructed according to the principle of maximum coding rate attenuation, which has strong consistency and symmetry in structure. Compared with some manually designed network architectures, classification indicators, such as Top-1 accuracy and F1 score, are also greatly improved while ensuring the lightweight nature of the model. In addition, we introduce a surrogate model in the search task. Compared to using the traditional NAS model to search the network traffic classification model, our NAS model greatly improves the search efficiency under the premise of ensuring that the results are not substantially different. We also manually adjust some operations in the search space of the architecture search to find a set of model operations that are more suitable for traffic classification. Finally, we apply the searched model to other traffic datasets to verify the universality of the model. Compared with several common network models in the traffic field, the searched model (NAS-Net) performs better, and the classification effect is more accurate. View Full-Text
Keywords: NAS; network traffic classification; surrogate model NAS; network traffic classification; surrogate model
Show Figures

Figure 1

MDPI and ACS Style

Lyu, R.; He, M.; Zhang, Y.; Jin, L.; Wang, X. Network Intrusion Detection Based on an Efficient Neural Architecture Search. Symmetry 2021, 13, 1453. https://doi.org/10.3390/sym13081453

AMA Style

Lyu R, He M, Zhang Y, Jin L, Wang X. Network Intrusion Detection Based on an Efficient Neural Architecture Search. Symmetry. 2021; 13(8):1453. https://doi.org/10.3390/sym13081453

Chicago/Turabian Style

Lyu, Renjian, Mingshu He, Yu Zhang, Lei Jin, and Xinlei Wang. 2021. "Network Intrusion Detection Based on an Efficient Neural Architecture Search" Symmetry 13, no. 8: 1453. https://doi.org/10.3390/sym13081453

Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Back to TopTop