With the development of blockchain, artificial intelligence and data mining technology, abnormal network traffic data has become easy to obtain. The traffic detection model detects the traffic patterns in the network to find abnormal traffic that does not conform to the normal traffic law, which has great security significance for Industrial Internet of Things (IIoT) networks and devices in real scenarios. However, previous abnormal detection models rely on expert experience and cannot cope with real-time changes in IIoT scenarios. The manual features cannot be sufficiently representative and adaptive. Moreover, there are few abnormal traffic data in real scenarios, which makes the model unable to fully learn the potential distribution in abnormal data. Therefore, in this work, we propose a deep abnormal network traffic detection model (DANTD) for security of IIoT using high-order features and novel data augmentation strategies. The DANTD model first adopts a deep convolutional autoencoder to extract effective high-order features to make it more representative. Then the DANTD model uses generative adversarial networks as data augmentation strategies to enrich the abnormal data, so that the model can fully consider the information of the data distribution. Comprehensive experiments on real IIoT datasets validate the effectiveness of the DANTD model.
Read full abstract