
Research on Network Malicious Traffic Detection Technology Based on Ensemble Learning Strategy

Cited by: 2
Abstract: Network traffic is the main carrier of network attacks, and identifying and analyzing malicious traffic is an important means of ensuring network security. Machine learning methods have been widely applied to malicious traffic identification and can achieve high-precision identification. Among existing methods, fusion models are more accurate than single statistical models, but they do not mine network behavior deeply enough. This paper proposes Multi-Stacking, a stacking model over multi-level network features for malicious traffic identification. It uses the network behavior patterns that traffic exhibits at different session granularities, combined with the stacking model's robust fitting capability for multi-dimensional data, to deeply mine malicious network behavior. The detection capabilities of multiple fusion models are verified on the CICIDS2017 and CICIDS2018 datasets, the detection methods are comprehensively and quantitatively compared, and the performance of the Multi-Stacking detection method in multi-type attack traffic identification scenarios is analyzed in depth. The experimental results show that the malicious traffic detection method based on multi-level stacking can further improve detection accuracy.
Authors: Gao Yuanchen; Xu Guosheng (International School, Beijing University of Posts and Telecommunications, Beijing 100876; School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876)
Source: Journal of Information Security Research (《信息安全研究》), CSCD, 2023, No. 8, pp. 730-738 (9 pages)
Funding: National Key Research and Development Program of China (2021YFB3101500).
Keywords: malicious detection; traffic analysis; ensemble methods; stacking model; multilevel features