An Attack Traffic Identification Method Based on Temporal Spectrum

TL;DR

This paper introduces a novel attack traffic detection method using temporal spectrum analysis, which enhances robustness and accuracy in identifying network attacks amidst noisy data.

Contribution

The paper proposes spectral label generation methods SSPE and COAP to improve attack detection accuracy and robustness over traditional techniques.

Findings

10% improvement in identification accuracy

Enhanced robustness in noisy environments

Effective behavioral pattern capture

Abstract

To address the issues of insufficient robustness, unstable features, and data noise interference in existing network attack detection and identification models, this paper proposes an attack traffic detection and identification method based on temporal spectrum. First, traffic data is segmented by a sliding window to construct a feature sequence and a corresponding label sequence for network traffic. Next, the proposed spectral label generation methods, SSPE and COAP, are applied to transform the label sequence into spectral labels and the feature sequence into temporal features. Spectral labels and temporal features are used to capture and represent behavioral patterns of attacks. Finally, the constructed temporal features and spectral labels are used to train models, which subsequently detects and identifies network attack behaviors. Experimental results demonstrate that compared to traditional methods, models trained with the SSPE or COAP method improve identification accuracy by 10%, and exhibit strong robustness, particularly in noisy environments.