cc 20(13): e5

Research Article

A Framework for Predicting Network Security Situation Based on the Improved LSTM

Download164 downloads
  • @ARTICLE{10.4108/eai.12-6-2020.165278,
        author={Shixuan Li and Dongmei Zhao and Qingru Li},
        title={A Framework for Predicting Network Security Situation Based on the Improved LSTM},
        journal={EAI Endorsed Transactions on Collaborative Computing},
        volume={4},
        number={13},
        publisher={EAI},
        journal_a={CC},
        year={2020},
        month={6},
        keywords={network security situation, deep learning, situation prediction, neural network, LSTM},
        doi={10.4108/eai.12-6-2020.165278}
    }
    
  • Shixuan Li
    Dongmei Zhao
    Qingru Li
    Year: 2020
    A Framework for Predicting Network Security Situation Based on the Improved LSTM
    CC
    EAI
    DOI: 10.4108/eai.12-6-2020.165278
Shixuan Li1,2, Dongmei Zhao1,2,*, Qingru Li1,2
  • 1: College of Computer and Cyber Security, Hebei Normal University, Shijiazhuang 050024, China
  • 2: Hebei Key Laboratory of Network & Information Security, Shijiazhuang 050024, China
*Contact email: zhaodongmei666@126.com

Abstract

In recent years, raw security situation data cannot be utilized well by fully connected neural networks. Generally, a cyber infiltration is a gradual process and there are logical associations between future situation and historical information. Taking the factors into account, this paper proposes a framework to predict network security situation. According the needs of this framework, we improve Long Short-Term Memory (LSTM) with Cross-Entropy function, Rectified Linear Unit and appropriate layer stacking. Modules are designed in the framework to transform raw data into quantitative results. Finally, the performance is evaluated on KDD CUP 99 dataset and UNSW-NB15 dataset. Experiments prove that the framework built with the improved LSTM has better performance to predict network security situation in the near future. The framework achieves a relatively practical prediction of network security situation, helping provide advanced measures to improve network security.