更改原CNN模型为GRU在DDOS入侵检测

问题遇到的现象和发生背景
使用tensorflow.keras.gru搭建网络模型做流量分析

Layer (type) Output Shape Param #

input_1 (InputLayer) (None, 100, 160)] 0

gru (GRU) (None, 64) 43392

dense (Dense) (None, 64) 4160

dropout (Dropout) (None, 64) 0

dense_1 (Dense) (None, 16) 1040

dropout_1 (Dropout) (None, 16) 0

dense_2 (Dense) (None, 2) 34

softmax (Softmax) (None, 2) 0

Total params 48,626
Trainable params 48,626
Non-trainable params 0

Process finished with exit code 0

训练过程正常收敛acc 99%,loss 0.0043%

问题相关代码，请勿粘贴截图
将实时流量保存本地，分批输入模型，在使用model.predict时返回结果是 [ [0.5,0.5]
[0.5,0.5] ]

    else:
        from utils.decision_making import send_attack_ip
 
        logger.warning("Programme started in predict mode!")
        model = GRUModel(model_config)
        trainer = UniversalTrainer(model.get_model(), None, trainer_config)
        #trainer.load("logs/CIC_DDoS_2019/release/save.h5")
        # capture and predict
        logger.info("Start capture and predict...")
        predict_index = 0
 
        record_dict = {}
 
        while True:
            predict_index += 1
            logger.info("Predict turn %s", predict_index)
            logger.info("Capturing...")
            capture_pcap(CAPTURE_FILE, INTERFACE, TIMEOUT, COUNT)
            logger.info("Capture done, generating predict set...")
 
            predict_feature_list = list(load_feature_without_label([CAPTURE_FILE, ],
                                                                   pkt_in_each_flow_limit=RNN_SHAPE[0],
                                                                   sample_limit=5000))
            predict_label_dict = generate_default_label_dict(predict_feature_list, default_label=[0.0, 1.0])
 
            logger.debug("Predict feature list: %s", predict_feature_list)
            logger.debug("Predict label dict: %s", predict_label_dict)
 
            predict_preprocessor = PcapPreprocessor(predict_preprocessor_config, predict_label_dict,
                                                    predict_feature_list)
            predict_set = GenericPcapDataLoader(predict_data_loader_config)
 
            if predict_set.get_dataset() is not None:
                # try:
                #     trainer.evaluate(predict_set.get_dataset())
                # except TypeError:
                #     logger.error("No data, continue...")
 
                result_list = []
                premake = predict_set.get_dataset()
                # premake = np.reshape(premake, (premake.shape[0], 1, premake.shape[1]))
                for flow_id, flow, label in premake:
                    # print("predict_set.get_dataset() is :",predict_set.get_dataset())
                    print("flow is :", flow)
                    #trainer.model.summary()
                    predict_result = np.argmax(trainer.model.predict(flow), axis=-1)
 
                    print("trainer.model.predict(flow) is :",trainer.model.predict(flow))
                    print("predict_result is :",predict_result)
                    result_list.append(np.average(predict_result))
                    # print("result_list is :",result_list)
                    logger.debug("Predict flow id: %s, label: %s", flow_id[0].numpy().decode("utf-8"),
                                 predict_result[0])
                    ip_addr = flow_id.numpy()[0].decode("utf-8").split("-")[0]
                    if predict_result[0] == 1:
                        send_attack_ip(ip_addr)
 
                if result_list:
                    logger.warning("Attack: about %s%%", int(np.average(result_list) * 100))
                    record_dict[time.time()] = int(np.average(result_list) * 100)
 

运行结果及报错内容

> flow is : tf.Tensor(
[[[0. 0. 0. ... 0. 0. 0.]
  [0. 0. 0. ... 0. 0. 0.]
  [0. 0. 0. ... 0. 0. 0.]
 
  [0. 0. 0. ... 0. 0. 0.]
  [0. 0. 0. ... 0. 0. 0.]
  [0. 0. 0. ... 0. 0. 0.]]], shape=(1, 100, 160), dtype=float32)
 
trainer.model.predict(flow) is  [[0.5 0.5]]
predict_result is  [0]
 

predict结果一直都是0.5

我的解答思路和尝试过的方法
校对过数据输入格式什么的和更改模型结构，发现只要去掉GRU层就能够正常检测到流量，即predict能够返回合理预测值、