摘要
文中研究了信息传输系统安全性预测方法来提升信息系统的安全性防护,并提出一种基于Transformer和胶囊网络的信息传输系统入侵检测方法(Transformer-CapsNet,TCNet)。首先,利用Transformer提取电子传输信息系统访问域名字符串的全局编码信息,并借助Encoder提供的注意力模块提高模型的特征抽取能力;然后,利用路由算法改进胶囊网络,缓解父、子胶囊之间的信息传递冗余,同时利用改进的胶囊网络获取域名字符串在深层空间中的局部信息;最后,在多个对信息系统访问的合法域名和多个新变种或新出现的小样本家族恶意域名数据集上进行测试。结果表明,相比当前主流模型,在二分类和多分类检测任务上表现良好。
Research the security prediction method of the information transmission system to improve the security protection of the information system.An Intrusion detection of electronic information system based on Transformer and Capsule Network(Transformer-CapsNet,TCNet)is proposed.Transformer is first used to extract the global encoder information of the domain name string accessed by the electronic transmission information system,and the attention module of the encoder is used to improve the feature extraction ability of the model.Then,the routing algorithm is used to improve the capsule network to alleviate the redundancy of information transfer between parent and child capsules,and the improved capsule network is used to obtain the local information of domain name string in the deep space.Finally,normal domain names of the electronic information system and several new variants or newly emerged family malicious domain names are used to test the proposed model.The results show that the proposed model performs well in binary and multi-classification detection tasks compared with the current mainstream models.
作者
康凯
马伟
王治学
张宏武
KANG Kai;MA Wei;WANG Zhi-xue;ZHANG Hong-wu(Ningxia Normal University,Guyuan 756000,China;Ningxia University,Yinchuan 750021,China)
出处
《中国电子科学研究院学报》
北大核心
2022年第9期862-868,共7页
Journal of China Academy of Electronics and Information Technology
基金
宁夏产教融合人才培养示范专业项目(2018SFZY29)
宁夏高等学院科学研究项目(NGY2020114)。
