Abstract
The frequent emergence of new malware presents severe challenges for network security. Extracting malicious traffic features is an important means of addressing this problem. This paper reviews recent methods of malicious traffic feature extraction. First, we introduce the classes of malicious traffic. Then, following the process of malicious traffic feature extraction, we summarize recent work in four aspects: traffic acquisition, reverse analysis, feature generation, and feature evaluation and optimization. Next, we detail the methods of malicious traffic feature extraction for smartphones and Internet of Things devices. Finally, we summarize the paper and discuss future research directions in this area.
Authors
LU Gang (鲁刚)
GUO Ronghua (郭荣华)
ZHOU Ying (周颖)
WANG Jun (王军)
Affiliation: Chinese Luoyang Electronic Equipment Test Center, Luoyang, Henan 471003, China
Source
《信息网络安全》 (Netinfo Security)
CSCD
Peking University Core Journal
2018, Issue 9, pp. 1-9 (9 pages)
Funding
National Natural Science Foundation of China [61402485]
Keywords
network security
malicious traffic
feature extraction
feature detection
network behavior