A Framework for Predicting Network Security Situation Based on the Improved LSTM

Abstract

In recent years, raw security situation data cannot be utilized well by fully connected neural networks. Generally, a cyber infiltration is a gradual process and there are logical associations between future situation and historical information. Taking the factors into account, this paper proposes a framework to predict network security situation. According the needs of this framework, we improve Long Short-Term Memory (LSTM) with Cross-Entropy function, Rectified Linear Unit and appropriate layer stacking. Modules are designed in the framework to transform raw data into quantitative results. Finally, the performance is evaluated on KDD CUP 99 dataset and UNSW-NB15 dataset. Experiments prove that the framework built with the improved LSTM has better performance to predict network security situation in the near future. The framework achieves a relatively practical prediction of network security situation, helping provide advanced measures to improve network security.