In response to the difficulty of detecting and evaluating zero-day attacks in the field of network security, this paper proposes a novel network security situation assessment technology based on deep learning. The research introduces a two-phase assessment model to detect and assess unknown attacks. The first phase performs reconstruction-based network situation anomaly detection, which is used to detect and assess anomalous traffic, including unknown attacks. In the second phase, a network attack identification system is developed to identify various types of known attacks. The overall security situation value is quantified by applying a weighted average to the results obtained from both phases. The method was validated on the public benchmark dataset UNSW-NB15, and the experimental results showed that the proposed technique is able to evaluate unknown zero-day attacks and that its evaluation of known attacks is better than the baseline and existing models. By leveraging this technology, network security managers can gain a comprehensive understanding of the current threat landscape faced by the network. This empowers them to actively defend the network security system, mitigate the risk that unknown network attacks pose to system resources, and ensure the overall security of the network system.
SQL injection attacks are pernicious forms of cyber assaults, and the integration of the TF-IDF algorithm into the domain of SQL injection detection has emerged as a prevailing trend. To address the shortcomings of traditional TF-IDF algorithms, which neglect feature distribution and insufficiently extract features, this paper proposes a detection method for SQL injection attacks based on the TF-IDF-CHI algorithm. This algorithm not only remedies the inadequacies of the TF-IDF algorithm in terms of feature distribution but also enhances feature extraction by incorporating category factors and an improved CHI statistical approach. Experimental findings substantiate an approximate 5% increase in precision compared to the traditional TF-IDF algorithm, thus underscoring the superior performance and efficacy of the proposed algorithm in detecting SQL injection attacks.
Traditional particle swarm optimization has attracted attention in various fields because of its relatively simple form and flexible parameter setting, but it converges slowly and easily falls into local optima when faced with large-scale multivariate data. To solve this kind of problem, a chaotic multi-group optimization algorithm (CM-PSO) based on the Graphics Processing Unit (GPU) is proposed. In the initialization stage of the algorithm, chaotic mapping is introduced to enhance population diversity. The population is then divided into multiple small subgroups following the idea of the island model, and Feng's topology is adopted within each subgroup to improve search efficiency and reduce computational complexity. Finally, CUDA streams are used to realize grid-level parallelism, which further increases the algorithm's degree of parallelism and improves its performance while preserving its accuracy.