当前位置:网站首页>Application of semi supervised learning in malware traffic detection
Application of semi supervised learning in malware traffic detection
2022-07-19 12:02:00 【Robert's house of Technology】
【 pick want 】 Malware detection is to ensure network security 、 One of the key technologies to prevent network anomalies . In order to solve the problem that malware traffic detection method based on deep learning needs a large number of manually labeled network traffic samples , At the same time, the detection accuracy of the algorithm is maintained , A malware detection method based on semi supervised learning and network traffic is proposed , It uses a small number of tagged network traffic samples and a large number of unlabeled network traffic samples to train the malware detection model . Experimental results show that , The proposed method has better performance than the general malware traffic detection method based on deep learning in the environment of small sample traffic , It can be used in malware traffic detection scenarios with less tag data .
【 key word 】 Malware detection ; The network traffic ; Semi-supervised learning ; The migration study
0 introduction
Ensuring safe and reliable communication is considered to be one of the key technologies of the Internet , Malware detection (MD, Malware Detection) Technology plays an important role in the field of network security and Internet [1-3]. In recent years , With the rapid development of Internet , Various applications are also proliferating , Such as website 、 Microblogging 、 video 、 Group purchase software, etc . Although these have improved people's lives to a certain extent , But it also led to hacker attacks 、 Network security problems such as data leakage have increased significantly [4]. Software traffic can record and reflect network operation [5-7]. In order to ensure the network security of the future Internet , It is necessary to identify malware traffic and prevent various attacks .
At present, there are three traditional malware traffic classification methods [8-10]: Port based approach 、 Based on payload or deep packet detection (DPI, Deep Packet Inspection) And statistical methods , Specifically Pictured 1 Shown :
边栏推荐
- Dream CMS Front Office Search SQL Injection
- Valid bracket sequence of "Niuke | daily question"
- Solution of connecting MySQL instance with public network
- TCP congestion control details | 7 Surpass TCP
- TiDB 内存控制文档
- 02-2. Default parameters, function overloading, reference, implicit type conversion, about error reporting
- 2022.07.14 summer training personal qualifying (IX)
- C语言绘图示例-调色板
- Region performance tuning
- Tikv memory parameter performance tuning
猜你喜欢
随机推荐
Unchangeable status quo
[MySQL] add, delete, check and modify MySQL (Advanced)
LeetCode_17_电话号码的字母组合
MapGIS IGServer九州-驾驭国产化环境下的拓展服务开发
MAPGIS igserver Kyushu - expand service development under the control of localization environment
Redis distributed cache redis cluster
TiKV Follower Read
03-2、
03-1、内联函数、auto关键字、typeid、nullptr
夢想CMS 前臺搜索SQL注入
565. Array nesting: regular simulation questions
From "passive" to "active", how can zeta technology help to upgrade "rfid2.0"?
STL string input / output overload
03-2、
TiKV 线程池性能调优
[PostgreSQL] PostgreSQL 15 optimizes distinct
Developing those things: how to solve the problem of long-time encoding and decoding of RK chip video processing?
How to build dashboard and knowledge base in double chain note taking software? Take the embedded widget library notionpet as an example
LeetCode_ 17_ Letter combination of telephone number
LeetCode_ 216_ Combined sum III