Traditional network intrusion detection methods cannot automatically extract features from encrypted malicious network traffic, and thus their detection rates are low. Moreover, the methods used by this malicious traffic are concealed, and the key malicious features are usually hidden among many normal data packets, so fewer encrypted malicious traffic samples can be captured. This easily leads to insufficient system training, a low detection rate, and a high false alarm rate. This letter proposes an encrypted network malicious traffic detection model based on deep learning, in which automatic feature extraction is performed against encrypted network malicious traffic. The proposed model has self-learning and self-adaptation abilities. Furthermore, a sample generation method for encrypted traffic based on deep Q-networks and deep convolutional generative adversarial networks is proposed, in which new samples are learned from the training samples of encrypted traffic, solving problems such as insufficient original training samples and unbalanced samples. In a validation experiment, the proposed model could distinguish between normal and abnormal encrypted network traffic, and the accuracy rate reached 99.94%. Experimental results show that the model proposed in this letter can provide a new and better solution for an encrypted network malicious traffic detection system.
In this paper, a Self-Organizing Map (SOM) is used to visualize and cluster a data set of aerosol single-particle mass spectra, which was collected by aerosol time-of-flight mass spectrometry (ATOFMS). In view of the characteristic features of aerosol particle data, the TF-IDF scheme widely used in document clustering is employed for preprocessing. Subsequently, for data clustering analysis, a two-level clustering framework is proposed, wherein SOM is first used to cluster the input data and obtain the primary results, and then the results are clustered again by a semiautomatic k-means algorithm. In order to demonstrate the validity of the clustering, the chemical significance of the cluster centroids is also investigated, wherein inorganic salts, "CalciumContaining" particles, biogenic soot particles, carbonaceous particles, etc. are identified.