In recent years, with the increase of human activities in cyberspace, intrusion events, such as network penetration, detection and attack, tend to be frequent and hidden. The traditional intrusion detection methods which prefer rules are not enough to deal with the increasingly complex network intrusion flow. However, the generalization ability of intrusion detection system based on classical machine learning method is still insufficient, and the false alarm rate is high. Aiming at this problem, we consider that normal network traffic and intrusion network traffic are obviously different in several semantic dimensions, though the intrusion traffic is more and more covert. Then we propose a new intrusion detection method, named SRDLM, based on semantic re-encoding and deep learning. The SRDLM method re-encodes the semantics of network traffic, increases the distinguish ability of traffic, and enhances the generalization ability of the algorithm by using deep learning technology, thus effectively improving the accuracy and robustness of the algorithm. The accuracy of the SRDLC algorithm for Web character injection network attack detection is over 99%. When detecting the NSL-KDD data set, the average performance is improved by more than 8% compared with the traditional machine learning method.

近年来，随着网络空间中人类活动的增加，入侵事件（例如网络渗透，检测和攻击）趋于频繁和隐蔽。偏爱规则的传统入侵检测方法不足以应对日益复杂的网络入侵流程。但是，基于经典机器学习方法的入侵检测系统的泛化能力仍然不足，虚警率较高。针对这个问题，我们认为正常网络流量和入侵网络流量在几个语义维度上明显不同，尽管入侵流量越来越隐蔽。然后，我们提出了一种基于语义重新编码和深度学习的新的入侵检测方法，称为SRDLM。SRDLM方法会重新编码网络流量的语义，利用深度学习技术，提高了流量的识别能力，增强了算法的泛化能力，有效地提高了算法的准确性和鲁棒性。用于Web字符注入网络攻击检测的SRDLC算法的准确性超过99％。检测NSL-KDD数据集时，与传统的机器学习方法相比，平均性能提高了8％以上。