工业控制网络与系统研究室知识库

目前，针对网络攻击越来越隐蔽，且具有智能化和复杂化的特点，浅层的机器学习已经无法及时应对，文中提出了一种基于SDAE(Stacked Denoising Autoencoder)和LSTM(Long Short-Term Memory)相结合的深度学习方法。首先，通过堆叠深层的SDAE智能逐层抽取网络数据的分布规则，结合各个编码层的系数惩罚和重构误差对高维数据进行多样性异常特征提取。然后，结合LSTM的记忆功能和强大的序列数据学习能力进行学习分类。最后，在UNSW-NB15数据集上进行了实验，通过调整时间步长进行分析，实验结果表明，该模型具有检测准确率高、误报率低的优点。

At present, in view of the increasingly hidden, intelligent and complex characteristics of network attacks, shallow machine learning is no longer timely. In this paper, A deep learning method based on the combination of SDAE and LSTM is proposed. Firstly, the distribution rules of network data were extracted layer by layer by intelligent stacking of SDAE deep layer, and the diversity anomaly features of high-dimensional data were extracted by combining coefficient penalty and reconstruction error of each coding layer. Then, combine the memory function of LSTM and the powerful sequence data learning ability to classify learning. Finally, the experiments were carried out on the UNSW-NB15 data set, and the analysis was performed by adjusting the time step. The experimental results show that the model has the advantages of high detection accuracy and low false alarm rate.