摘要
近年来,随着网络安全方面的政策倾斜和社会投入的增加,网络整体安全现状得到大幅改善,但针对园区网内部局域网络安全的相关研究却相对较少。为了解这些小型局域网络内部的安全状况,文章运用Zeek开源软件实现了对局域网流量的数据采集,进而使用Python和相关机器学习算法实现了网络流量数据处理、算法模型训练和异常行为检测等环节,实现了以较低经济成本、方便快捷地对局域网流量进行异常检测,能够有效提升网络管理工作效率。
Recent years,with the policy inclination and the increase of social investment,the overall status of cyber security has been greatly improved,but relevant research on the local area network security within the campus network is relatively rare.In order to understand the internal security status of these small local area networks,we use an open-source software called Zeek to realize data collection of local area network traffic,and then uses Python and related machine learning algorithms to realize network traffic data processing,model training and abnormal behavior detection.The entire anomaly detecting process is convenient,fast,and at a lower economic cost,which is of great help to improve the efficiency of network management.
作者
王军国
吴瑞
Wang Junguo;Wu Rui(Nanjing Police University,Nanjing 210023,China)
出处
《无线互联科技》
2024年第1期70-73,共4页
Wireless Internet Technology
基金
中央高校基本科研业务费专项资金,项目编号:LGYB202203。
关键词
机器学习
网络流量
异常检测
machine learning
network traffic
anomaly detection