摘要
僵尸网络是网络攻击中的突出品种,其攻击手段多样,集合了木马攻击、蠕虫攻击等多种方式。为了能够较早较快地通过网络流量来发现僵尸网络,该文采用一种基于生成对抗网络的检测方法,选择了种类丰富的僵尸网络数据集,重新整理了检测时需求的网络流的特征,在训练集中混入生成样本,提高样本的多样性和丰富程度,提升分类模型的判别能力。通过在多个指标上与不使用生成样本训练的分类模型进行对比实验,实验结果表明,加入生成样本训练的分类模型对比不使用生成样本的分类模型,准确率提升了2%,精确率提升了5%。
Botnet is a prominent variety of network attacks,its attack means are various,including trojan horse attack,worm attack and so on. In order to find botnets earlier and faster through network traffic,this paper adopts a detection method based on generative countermeasure network,selects a variety of botnet data sets,reorganizes the characteristics of network flow required in detection,and mixes the generated samples in the training set to improve the diversity and richness of samples,improve the discrimination ability of classification model. The experimental results show that the accuracy rate of the classification model with generated sample training is 2% higher than that without generated sample training,and the accuracy rate is 5%.
作者
薛昊天
王晨
XUE Haotian;WANG Chen(Wuhan Research Institute of Posts and Telecommunications,Wuhan 430000,China;Nanjing Fiberhome World Communication Technology Co.,Ltd.,Nanjing 210000,China)
出处
《电子设计工程》
2022年第17期146-149,共4页
Electronic Design Engineering
关键词
僵尸网络
流特征检测
生成式对抗网络
博弈对抗
botnet
flow feature detection
generative confrontation network
game confrontation
