网络与信息安全学报 (Oct 2023)
Model of the malicious traffic classification based on hypergraph neural network
Abstract
As the use and reliance on networks continue to grow, the prevalence of malicious network traffic poses a significant challenge in the field of network security.Cyber attackers constantly seek new ways to infiltrate systems, steal data, and disrupt network services.To address this ongoing threat, it is crucial to develop more effective intrusion detection systems that can promptly detect and counteract malicious network traffic, thereby minimizing the resulting losses.However, current methods for classifying malicious traffic have limitations, particularly in terms of excessive reliance on data feature selection.To improve the accuracy of malicious traffic classification, a novel malicious traffic classification model based on Hypergraph Neural Networks (HGNN) was proposed.The traffic data was represented as hypergraph structures and HGNN was utilized to capture the spatial features of the traffic.By considering the interrelations among traffic data, HGNN provided a more accurate representation of the characteristics of malicious traffic.Additionally, to handle the temporal features of traffic data, Recurrent Neural Networks (RNN) was introduced to further enhance the model’s classification performance.The extracted spatiotemporal features were then used for the classification of malicious traffic, aiding in the detection of potential threats within the network.Through a series of ablative experiments, the effectiveness of the HGNN+RNN method was verified.These experiments demonstrate the model’s ability to efficiently extract spatiotemporal features from traffic, resulting in improved classification performance for malicious traffic.The model achieved outstanding classification accuracy across three widely-used open-source datasets: NSL-KDD (94% accuracy), UNSW-NB15 (95.6% accuracy), and CIC-IDS-2017 (99.08% accuracy).These results underscore the potential significance of the malicious traffic classification model based on hypergraph neural networks in enhancing network security and its capacity to better address the evolving landscape of network threats within the domain of network security.
