Authors: 余红星, 申国伟, 郭春[1,2] (YU Hong-xing; SHEN Guo-wei; GUO Chun) (College of Computer Science and Technology, Guizhou University, Guiyang 550025, China; Guizhou Provincial Key Laboratory of Public Big Data, Guiyang 550025, China)
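Affiliations: [1] College of Computer Science and Technology, Guizhou University, Guiyang 550025, Guizhou, China; [2] Guizhou Provincial Key Laboratory of Public Big Data, Guiyang 550025, Guizhou, China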
Source: 《计算机与现代化》 (Computer and Modernization), 2019, No. 6, pp. 1-8 (8 pages)
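Funding: National Natural Science Foundation of China (61802081); Natural Science Foundation of Guizhou Province (20161052); Guizhou Province Major Science and Technology Special Program (20183001)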
Abstract: The use of network tunnels for attacks and data theft has become a prominent issue in network security in recent years. The low recognition accuracy of large-scale network tunnel detection and analysis urgently needs to be addressed. Targeting the detection of mainstream tunnels based on the DNS and HTTP protocols, a network tunnel detection method combining automatic feature engineering with compressed sensing is proposed. Automatic feature engineering is used to mine deeper-level network tunnel features, while the compressed sensing algorithm reduces dimensionality without losing the precision of the high-dimensional features, improving computational efficiency. Experimental results on large-scale real data sets show that the F-measure of DNS tunnel detection can reach 95%, and the F-measure of HTTP tunnel detection can reach more than 82%.
Keywords: automatic feature engineering; compressed sensing; DNS tunnel; HTTP tunnel
Classification: TP393.0 [Automation and Computer Technology: Computer Application Technology]