当前位置:网站首页>Application of semi supervised learning in malware traffic detection
Application of semi supervised learning in malware traffic detection
2022-07-19 12:02:00 【Robert's house of Technology】
【 pick want 】 Malware detection is to ensure network security 、 One of the key technologies to prevent network anomalies . In order to solve the problem that malware traffic detection method based on deep learning needs a large number of manually labeled network traffic samples , At the same time, the detection accuracy of the algorithm is maintained , A malware detection method based on semi supervised learning and network traffic is proposed , It uses a small number of tagged network traffic samples and a large number of unlabeled network traffic samples to train the malware detection model . Experimental results show that , The proposed method has better performance than the general malware traffic detection method based on deep learning in the environment of small sample traffic , It can be used in malware traffic detection scenarios with less tag data .
【 key word 】 Malware detection ; The network traffic ; Semi-supervised learning ; The migration study
0 introduction
Ensuring safe and reliable communication is considered to be one of the key technologies of the Internet , Malware detection (MD, Malware Detection) Technology plays an important role in the field of network security and Internet [1-3]. In recent years , With the rapid development of Internet , Various applications are also proliferating , Such as website 、 Microblogging 、 video 、 Group purchase software, etc . Although these have improved people's lives to a certain extent , But it also led to hacker attacks 、 Network security problems such as data leakage have increased significantly [4]. Software traffic can record and reflect network operation [5-7]. In order to ensure the network security of the future Internet , It is necessary to identify malware traffic and prevent various attacks .
At present, there are three traditional malware traffic classification methods [8-10]: Port based approach 、 Based on payload or deep packet detection (DPI, Deep Packet Inspection) And statistical methods , Specifically Pictured 1 Shown :
边栏推荐
猜你喜欢
Bet Net is a good thing
【二叉树】之力扣牛客必刷题
windows10:vscode下go语言的适配
03-1、内联函数、auto关键字、typeid、nullptr
LeetCode刷题——查找和最小的 K 对数字#373#Medium
TCP拥塞控制详解 | 7. 超越TCP
Nintendo patent shows that the follow-up products of fitness ring accessories may be under development
From "passive" to "active", how can zeta technology help to upgrade "rfid2.0"?
QT -- excellent open source project
赋能城市“规、建、运、管、服”——MapGIS CIM平台探索“CIM+”多场景应用
随机推荐
Two misunderstandings of digital transformation
How to delay loading JS
Redis分布式緩存-Redis集群
02-3、指针和引用的区别
How to build dashboard and knowledge base in double chain note taking software? Take the embedded widget library notionpet as an example
jconsole线程面板中的阻塞总数和等待总数(转)
A summary of C language pointer
翻墙后看什么?最热门的国外网站——翻墙网址导航
02-2. Default parameters, function overloading, reference, implicit type conversion, about error reporting
QT -- excellent open source project
565. 数组嵌套 : 常规模拟题
任天堂专利显示健身环配件后续产品或已在开发中
Flink
Property analysis of rotate matrix (forwarding)
cv02-roge矩阵,旋转向量 ,角度
Basic operation of tree
[PostgreSQL] PostgreSQL 15 optimizes distinct
Robot development -- common simulation software tools
03-1. Inline function, auto keyword, typeID, nullptr
Why does the magnetic variable speed gear reverse?