Abstract
Cyber security situation awareness has become a research hotspot. However, existing cyber security situation awareness methods have difficulty extracting high-order features from network traffic data. In this work, we present an improved cyber security situation awareness method based on ResMLP and LSTM networks from a new perspective. Our work focuses on cyber attack behavior analysis, which is a key research topic in cyber security situation awareness. It introduces Residual Multi-Layer Perceptrons (ResMLP) from deep learning into the network structure of long short-term memory (LSTM). It can effectively extract the spatial and temporal characteristics of network traffic data, reduce the computational complexity, and improve the accuracy of cyber security situation awareness. Firstly, we extract the spatial features using the ResMLP network. Secondly, we extract the temporal characteristics using the LSTM network. The architecture of the ResMLP network replaces the self-attention layer with a linear interaction layer, and this design allows the model to guarantee accurate cyber attack behavior analysis performance while balancing the computational cost of the model, which can improve the detection efficiency of the model. Considering that the network data are fed into the model in the form of time series after processing, the model incorporates LSTM networks to avoid the gradient problem while better capturing the temporal characteristics in the data. The experimental results show that the proposed method can model the future cyber security situation in a network environment more accurately than other similar methods.
Acknowledgements
Recommended for acceptance by Dr. Zhijie Fan. (Corresponding author: Bo Jin, Co-first Author: Ping Zhao). We thank the anonymous reviewers and the editors for their insightful comments and assistance.
Disclosure statement
No potential conflict of interest was reported by the author(s).
Additional information
Notes on contributors
Zhijie Fan
Zhijie Fan received the PhD degree from Tongji University, Shanghai, China, in 2019. He received the MS degree from Zhejiang University, Hangzhou, China, in 2009. He joined the faculty of the School of Computer Science, Fudan University, in 2019. He is now a post-doctoral scholar at Fudan University. He is also a researcher at The Third Research Institute of Ministry of Public Security. His current research interests include network security and machine learning.
Ping Zhao
Ping Zhao is currently pursuing the Master's degree at People's Public Security University of China. Her research interests include cyber security, video network and deep learning.
Bo Jin
Bo Jin received the PhD degree in automation control from East China University of Science and Technology, Shanghai, China, in 2000. He received the MS degree in computer science from East China University of Science and Technology, Shanghai, China, in 1996. He is now a professor at the Third Research Institute of Ministry of Public Security, China. His research interests include network security, big data, and artificial intelligence. Corresponding author.
Qianjin Tang
Qianjin Tang received the PhD degree from Shanghai Institute of Optics and Fine Mechanics, Chinese Academy of Sciences, in 2007. He received the MS degree from Sichuan Normal University, Chengdu, China, in 2004. He is now a researcher at The Third Research Institute of Ministry of Public Security. His current research interests include application and security of big data and artificial intelligence technology.
Changsong Zheng
Changsong Zheng received the Master's degree from University of Electronic Science and Technology of China, Chengdu, China, in 2008. He is an assistant researcher with the Sichuan Provincial Public Security Department, Chengdu. His current research interests include information security and machine learning.
Xin Li
Xin Li received the PhD degree from Zhejiang University, Hangzhou, China, in 2006. He is currently a professor of computer science at People's Public Security University of China. His research interests include big data, cyber security and video content analysis.