摘要
运载火箭测发网络是维系各型号运载火箭远距离测试及发射控制的重要国防基础设施,对测发网络流量进行异常检测是保证其正常工作的关键举措。近年来,随着测发网络功能的拓展,其面临的网络安全威胁越来越严重,而当前的安全检测主要依赖于基于异常特征库匹配的流量异常检测方法,这种检测方法对一些新型攻击检测能力非常有限。本文结合运载火箭测发网络实际特点,针对以使用用户数据报协议(UDP)为主的测发网络流量,设计一种新的基于固定数据包数目的流量图片样本生成方法,首次提出在测发网络流量异常检测问题上使用卷积神经网络,以原始网络流量作为输入,避开难以解决的人工特征集设计问题。通过测发网络真实网络流量数据进行实验,取得了较高的精度、召回率和准确率,验证了本方法具备一定的实用性。
The measurement and control network for launch vehicles is an important national defense infrastructure for implementing the long-distance tests and launch control of launch vehicles. The anomaly detection of network traffic is the key measure to ensure its normal operation. With the expansion of network functions in recent years, the security threats have become more and more serious. However, the current anomaly detection mainly relies on anomaly signature database matching, which has limited detection capabilities for some new attacks. In view of the actual characteristics of the launch vehicle detection network, a new method for the flow image sample generation based on a fixed number of traffic packets is designed for networks mainly using the user datagram protocol(UDP) protocol. The convolutional neural network is proposed for the first time to detect the network traffic anomalies, and the original network traffic is used as the input to avoid the difficult artificial feature set design problem. Finally, real data are used to conduct tests. The obtained high precision rates, recall rates, and accuracy rates verify the practicability of the method proposed in this paper.
作者
徐洪平
马泽文
易航
XU Hongping;MA Zewen;YI Hang(Beijing Institute of Astronautical System Engineering,Beijing 100076,China)
出处
《上海航天(中英文)》
CSCD
2023年第1期86-93,共8页
Aerospace Shanghai(Chinese&English)
基金
国家自然科学基金(62072025)。
关键词
运载火箭测发网络
异常检测
卷积神经网络
样本生成
机器学习
深度学习
measurement and control network for launch vehicles
anomaly detection
convolutional neural network
sample generation
machine learning
deep learning
