Article Preview
Top1. Introduction
With the rapid progress of network technology in recent years, the world is in the era of Internet plus. The Internet has become an indispensable tool for people's daily communication. The information network has also gone deep into all aspects of the economic field, and people, goods and commerce have been gradually interconnected through the information network. Although the Internet can bring great help to human life, it also brings security risks too serious to be ignored (Gamage et al., 2020; Ošlejšek et al., 2021; C et al., 2022), such as distributed denial of service, ransomware and other malicious network attacks that take advantage of the availability characteristics of the Internet of Things (IoT) platform. Such attacks are becoming more and more complex and mature and may threaten data integrity, privacy and availability (Gamage et al., 2020; Dong et al., 2020; Asvija et al., 2021). Malicious network activities always threaten people's information infrastructure, application and data security, and bring many serious consequences, such as server downtime, unauthorized illegal access, information leakage, tampering and destruction (Hewitt et al., 2021; Nie et al., 2022). Therefore, in order to protect people's lives and even national security, highly accurate and timely security detection of network information is crucial (Singh et al., 2021).
As an important component of the network security protection system, network intrusion detection (NID) technology can effectively identify abnormal data in various complex network environments (Bondgulwar et al., 2021; Chen et al., 2019; Akbulut et al., 2019). It is an effective way to ensure the security of computer networks by stopping various malicious network activities from causing more harm. NID usually builds a network activity model based on machine learning (ML) methods, and detects malicious network activities by evaluating the differences between network intrusion activities and normal behavior (Kaur et al., 2020; Mahmoud et al., 2021). ML models for the purpose of NID are basically implemented based on decision trees, Bayesian network models and support vector machines, which can enhance the classification performance of network activities to some degree, making the security protection systems smarter and more efficient (Liu Wei, 2021; Xie et al., 2019). However, the traditional methods also have the problems of high false positive rate and low accuracy. Deep learning (DL) models are a subset of ML research. Compared with shallow learning model, DL model has stronger fitting ability. Applying deep learning technology to NID has become the research priority for many scholars (Chandramohan et al., 2020).