| dc.description.abstract | As technology improves every day, the internet is becoming inseparable with world and the number of connected devices growing rapidly. Also, the connected devices become target for cyber attacker. The rise of artificial intelligence models (AI models) has taken a big step forward in every field, including cyber defense. However, attackers are constantly updating network attack methods. Under the various attack methods, the analysis of attack data will be presented in two data characteristics, time domain and frequency domain. AI model developers usually choose a data type for model development. However, in recent years, AI model developers usually change the model structure to bring better model performance, rather than optimizing the model calculation strategy, so that AI models need to use higher computing power. Driven by intelligent life, networked devices with low computing power are rapidly growing, and attackers also target such devices with low defense. Therefore, the ability to have two data characteristics at the same time, lightweight and artificial intelligence model analysis will be the key to defense deployment and model optimization of future cyber attacks.
This paper, Spectrogram is used to bring the data of time domain and frequency domain characteristics into the artificial intelligence model at the same time. In order to solve the problem of defense deployment of low computing devices, a Light Weight Gray Spectrogram Convolution Neural Network( LGS-CNN) and 1DG-Spectrogram Convolution Neural Network (1DGS-CNN) are proposed, and use Explainable AI (Explainable AI, XAI) for model parsing. It can effectively classify 7 attack types in the public data set, and achieve 98.86% and 98.79% accuracy respectively. Compared with the SDCNN model, the floating-point calculation per second is lower than 12.14% and 96.57%, respectively. Under the feature analysis, it can be ensured that the number of features used by the model can reach the optimal state of the model when the number of features is 76. The results show that the lightweight convolutional neural network and XAI feature image malicious traffic detection proposed in this paper can effectively reduce the system burden and ensure the optimal performance in terms of the number of features used. | en_US |