摘要
针对当前企业内网缺乏相关的安全检测手段,导致内网的各类威胁事件很难被及时发现和阻止,给企业造成不必要损失的实际情况,提出了利用机器学习技术实现内网威胁检测的解决方案,通过对孤立森林及其几类衍生机器算法基于该方案的异常检测的准确性测试比较,总结实现了一套高效准确的基于机器学习技术的内网异常检测方法。
This article addresses the situation that the current intranet lacks relevant security detection methods,which makes it difficult to detect and prevent various threats in the intranet and cause unnecessary losses to the enterprise.This article proposes the solution of using machine learning technology to achieve intranet threat detection.Through the comparison of the accuracy of anomaly detection test among isolation forest and several types of derivative machine algorithms,it summarizes and implements a set of efficient and accurate intranet anomaly detection method based on machine learning technology.
作者
吕少岚
陈泽辉
王晶晶
江佳佳
LV Shao-lan;CHEN Ze-hui;WANG Jing-jing;JIANG Jia-jia(Nanjing University of Aeronautics and Astronautics,Nanjing 211106,Jiangsu;SAIC Volkswagen Automotive Co.,Ltd.,Shanghai 201805)
出处
《电脑与电信》
2022年第10期65-76,共12页
Computer & Telecommunication
关键词
内网安全
威胁检测
机器学习
合规态势
无监督学习
Intranet security
threat detection
machine learning
compliance situation
unsupervised learning