Research on Intelligent Network Security Event Detection and Emergency Disposal Technology
31 mar 2025
O artykule
Data publikacji: 31 mar 2025
Otrzymano: 11 lis 2024
Przyjęty: 14 lut 2025
DOI: https://doi.org/10.2478/amns-2025-0819
Słowa kluczowe
© 2025 Wang Xiaoxia, published by Sciendo
This work is licensed under the Creative Commons Attribution 4.0 International License.
Figure 1.
Figure 2.
Figure 3.
Figure 4.
Figure 5.
Figure 6.
Figure 7.
Figure 8.
Figure 9.
Identification of different types of attacks in different models
| Attack type | Model | Precision | accuracy | Recall | F1 score |
|---|---|---|---|---|---|
| CNN-LSTM_HMNID | 0.95 | 0.96 | 0.94 | 0.945 | |
| DDoS attack | SVM | 0.90 | 0.92 | 0.88 | 0.89 |
| Random Forest | 0.92 | 0.93 | 0.90 | 0.91 | |
| CNN-LSTM_HMNID | 0.93 | 0.95 | 0.96 | 0.945 | |
| Port scanning | SVM | 0.88 | 0.90 | 0.92 | 0.90 |
| Random Forest | 0.90 | 0.92 | 0.91 | 0.905 | |
| CNN-LSTM_HMNID | 0.91 | 0.93 | 0.92 | 0.915 | |
| phishing | SVM | 0.85 | 0.87 | 0.86 | 0.855 |
| Random Forest | 0.87 | 0.89 | 0.88 | 0.875 |
Accuracy and false alarm rate of model recognition
| data set | Network traffic type | Recognition accuracy (%) | False alarm rate (%) |
|---|---|---|---|
| Normal flow | 98.5 | 1.5 | |
| Data set 1 | Abnormal traffic (DDoS attack) | 96.2 | 3.8 |
| Abnormal traffic (port scanning) | 97.8 | 2.2 | |
| Normal flow | 97.7 | 2.3 | |
| Data set 2 | Abnormal traffic (phishing) | 95.5 | 4.5 |
| Abnormal traffic (malware download) | 98.2 | 1.8 | |
| Comprehensive data set | All traffic types | 97.3 | 2.7 |
Performance evaluation index
| Performance index | Normal flow | Abnormal flow |
|---|---|---|
| Precision | 0.97 | 0.95 |
| Recall | 0.98 | 0.96 |
| F1 Score | 0.975 | 0.955 |