摘要
随着人工智能的发展,深度学习算法在僵尸网络检测领域的应用越来越广泛,但现有的僵尸网络检测方法多是从单一维度特征进行检测,不具备良好的全面性和适用性。因此,提出了一种从空间和时间两个维度进行特征学习的检测模型,使用ResNet神经网络学习空间特征,使用BiLSTM神经网络学习时间特征,以提取更全面的僵尸网络流量特征。实验表明,该模型性能良好,能够对僵尸网络进行较为准确的识别,且具有一定的检测未知僵尸网络的能力。
With the development of artificial intelligence,deep learning algorithm has been applied more and more widely in the field of botnet detection.However,the existing botnet detection methods are mostly based on single dimension features,which are not comprehensive and applicable.Therefore,a detection model for feature learning from two dimensions of space and time is proposed.ResNet neural network is used to learn spatial features,and BiLSTM neural network is used to learn temporal features to extract more comprehensive botnet traffic characteristics.Experiments indicate that the model performs well,can recognize botnets more accurately,and has a certain ability to detect unknown botnets.
作者
谭越
邹福泰
TAN Yue;ZOU Fu-tai(School of Cyber Security,Shanghai Jiaotong University,Shanghai 200240,China)
出处
《通信技术》
2019年第12期2975-2981,共7页
Communications Technology
基金
国家重点研发计划项目课题(No.2017YFB0802300,No.2018YFB0803503)
NSFC-浙江两化融合联合基金(No.U1509219)~~
