Malicious traffic prediction model for ResNet based on Maple-IDS dataset

In light of the increasing threat posed by cyberattacks, it is imperative for organizations to accurately identify malicious network traffic. However, the imbalance among various attack categories diminishes the accuracy of model predictions. To address this issue, we propose the Maple-IDS dataset as an innovative solution. We utilize DPDK along with its zero-copy (ZC) technology and BPF compiler to compile filtering rules. Additionally, a headless client is employed to generate control traffic, thereby preventing overfitting. Our data collections are sourced from a variety of operating systems and middleware platforms, ensuring broad applicability and relevance. By comparing our dataset with the CIC-IDS-2017 dataset, we achieve a more balanced representation of attack data, which enhances the model’s learning performance. To tackle the challenges of low accuracy and slow convergence speed in existing network security situation predictions, we propose a network situation awareness prediction model that integrates a residual network with an improved attention mechanism. This model leverages the attention mechanism to assign greater weight to abnormal data, thereby facilitating the accurate identification of anomalies within large data streams. Furthermore, the residual network accelerates convergence speed, enhances the model’s expressive capability, and improves the efficiency of rapid response to attacks. Experimental results indicate that the accuracy of predicting attack data flows reaches an impressive 99.83%, which significantly aids in the early detection of network security threats and enables preemptive measures to maintain normal network operations.