Research on Intelligent Network Security Event Detection and Emergency Disposal Technology
31. März 2025
Über diesen Artikel
Online veröffentlicht: 31. März 2025
Eingereicht: 11. Nov. 2024
Akzeptiert: 14. Feb. 2025
DOI: https://doi.org/10.2478/amns-2025-0819
Schlüsselwörter
© 2025 Wang Xiaoxia, published by Sciendo
This work is licensed under the Creative Commons Attribution 4.0 International License.
Figure 1.
Figure 2.
Figure 3.
Figure 4.
Figure 5.
Figure 6.
Figure 7.
Figure 8.
Figure 9.
Identification of different types of attacks in different models
| Attack type | Model | Precision | accuracy | Recall | F1 score |
|---|---|---|---|---|---|
| CNN-LSTM_HMNID | 0.95 | 0.96 | 0.94 | 0.945 | |
| DDoS attack | SVM | 0.90 | 0.92 | 0.88 | 0.89 |
| Random Forest | 0.92 | 0.93 | 0.90 | 0.91 | |
| CNN-LSTM_HMNID | 0.93 | 0.95 | 0.96 | 0.945 | |
| Port scanning | SVM | 0.88 | 0.90 | 0.92 | 0.90 |
| Random Forest | 0.90 | 0.92 | 0.91 | 0.905 | |
| CNN-LSTM_HMNID | 0.91 | 0.93 | 0.92 | 0.915 | |
| phishing | SVM | 0.85 | 0.87 | 0.86 | 0.855 |
| Random Forest | 0.87 | 0.89 | 0.88 | 0.875 |
Accuracy and false alarm rate of model recognition
| data set | Network traffic type | Recognition accuracy (%) | False alarm rate (%) |
|---|---|---|---|
| Normal flow | 98.5 | 1.5 | |
| Data set 1 | Abnormal traffic (DDoS attack) | 96.2 | 3.8 |
| Abnormal traffic (port scanning) | 97.8 | 2.2 | |
| Normal flow | 97.7 | 2.3 | |
| Data set 2 | Abnormal traffic (phishing) | 95.5 | 4.5 |
| Abnormal traffic (malware download) | 98.2 | 1.8 | |
| Comprehensive data set | All traffic types | 97.3 | 2.7 |
Performance evaluation index
| Performance index | Normal flow | Abnormal flow |
|---|---|---|
| Precision | 0.97 | 0.95 |
| Recall | 0.98 | 0.96 |
| F1 Score | 0.975 | 0.955 |