基于生成式零样本学习的未知恶意流量分类方法

Unknown malicious traffic classification method based on generative Zero-shot learning

未知恶意流量是网络安全的重大安全挑战,对未知恶意流量的分类能够增强网络威胁识别能力,指导网络防御策略.未知恶意流量由于缺乏样本,无法满足现有的深度学习方法对大量数据的需要.本文提出了一种基于生成式零样本学习的未知恶意流量分类方法.从原始的网络流量中提取出关键的恶意流量信息并转化为二维图像,提出将恶意流量的属性信息作为辅助语义信息,利用条件生成对抗网络生成类别样本.同时,本文还添加了类级别的对比学习网络,使得生成的类别样本质量更高并且更具有类间区分度.实验结果表明,该方法在未知恶意流量分类问题上平均准确率能够达到90%以上,具有较高的应用价值.

Unknown malicious traffic is a major security challenge for network security,and the classification of unknown malicious traffic can enhance network threat identification and guide network defense strategies.the lack of unknown malicious samples cannot meet the need of existing deep learning methods for large amount of data.To address this problem,we propose a generative zero-shot learning based method for classifying unknown malicious traffic.The key malicious traffic information is extracted from the original network traffic and transformed into two-dimensional images,and the attribute information of malicious traffic is proposed as auxiliary semantic information to generate class samples using conditional adversarial networks.In this paper,we also add a class-level comparative learning network to generate class samples with higher quality and more differentiation between classes.The experimental results show that the average accuracy of this method can reach more than 90%in the classification problem of unknown malicious traffic.It has high application value.