# Malicious traffic prediction model for ResNet based on Maple-IDS dataset

**Authors:** Qingfeng Li, Boyu Wang, Xueyan Wen, Yuao Chen

PMC · DOI: 10.1371/journal.pone.0322000 · PLOS One · 2025-05-13

## TL;DR

This paper introduces a new dataset and a deep learning model to improve the detection of malicious network traffic and enhance network security.

## Contribution

The novel Maple-IDS dataset and a residual network with an improved attention mechanism are proposed to address traffic imbalance and improve prediction accuracy.

## Key findings

- The Maple-IDS dataset provides a more balanced representation of attack data compared to CIC-IDS-2017.
- The proposed model achieves 99.83% accuracy in predicting attack data flows.
- The model improves convergence speed and anomaly detection in large data streams.

## Abstract

In light of the increasing threat posed by cyberattacks, it is imperative for organizations to accurately identify malicious network traffic. However, the imbalance among various attack categories diminishes the accuracy of model predictions. To address this issue, we propose the Maple-IDS dataset as an innovative solution. We utilize DPDK along with its zero-copy (ZC) technology and BPF compiler to compile filtering rules. Additionally, a headless client is employed to generate control traffic, thereby preventing overfitting. Our data collections are sourced from a variety of operating systems and middleware platforms, ensuring broad applicability and relevance. By comparing our dataset with the CIC-IDS-2017 dataset, we achieve a more balanced representation of attack data, which enhances the model’s learning performance. To tackle the challenges of low accuracy and slow convergence speed in existing network security situation predictions, we propose a network situation awareness prediction model that integrates a residual network with an improved attention mechanism. This model leverages the attention mechanism to assign greater weight to abnormal data, thereby facilitating the accurate identification of anomalies within large data streams. Furthermore, the residual network accelerates convergence speed, enhances the model’s expressive capability, and improves the efficiency of rapid response to attacks. Experimental results indicate that the accuracy of predicting attack data flows reaches an impressive 99.83%, which significantly aids in the early detection of network security threats and enables preemptive measures to maintain normal network operations.

## Full-text entities

- **Diseases:** IDS (MESH:D016532)

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/PMC12074334/full.md

## Figures

14 figures with captions in the complete paper: https://tomesphere.com/paper/PMC12074334/full.md

## References

26 references — full list in the complete paper: https://tomesphere.com/paper/PMC12074334/full.md

---
Source: https://tomesphere.com/paper/PMC12074334