Labeling Malicious Communication Samples Based on Semi-Supervised Deep Neural Network  被引量:2

Labeling Malicious Communication Samples Based on Semi-Supervised Deep Neural Network

在线阅读下载全文

作  者:Guolin Shao Xingshu Chen Xuemei Zeng Lina Wang 

机构地区:[1]Cybersecurity Research Institute,Sichuan University,Chengdu,Sichuan 610065,China [2]College of Computer Science,Sichuan University,Chengdu,Sichuan 610065,China [3]College of Cybersecurity,Sichuan University,Chengdu,Sichuan 610065,China

出  处:《China Communications》2019年第11期183-200,共18页中国通信(英文版)

基  金:partially funded by the National Natural Science Foundation of China (Grant No. 61272447);National Entrepreneurship & Innovation Demonstration Base of China (Grant No. C700011);Key Research & Development Project of Sichuan Province of China (Grant No. 2018G20100)

摘  要:The limited labeled sample data in the field of advanced security threats detection seriously restricts the effective development of research work.Learning the sample labels from the labeled and unlabeled data has received a lot of research attention and various universal labeling methods have been proposed.However,the labeling task of malicious communication samples targeted at advanced threats has to face the two practical challenges:the difficulty of extracting effective features in advance and the complexity of the actual sample types.To address these problems,we proposed a sample labeling method for malicious communication based on semi-supervised deep neural network.This method supports continuous learning and optimization feature representation while labeling sample,and can handle uncertain samples that are outside the concerned sample types.According to the experimental results,our proposed deep neural network can automatically learn effective feature representation,and the validity of features is close to or even higher than that of features which extracted based on expert knowledge.Furthermore,our proposed method can achieve the labeling accuracy of 97.64%~98.50%,which is more accurate than the train-then-detect,kNN and LPA methodsin any labeled-sample proportion condition.The problem of insufficient labeled samples in many network attack detecting scenarios,and our proposed work can function as a reference for the sample labeling tasks in the similar real-world scenarios.The limited labeled sample data in the field of advanced security threats detection seriously restricts the effective development of research work. Learning the sample labels from the labeled and unlabeled data has received a lot of research attention and various universal labeling methods have been proposed. However, the labeling task of malicious communication samples targeted at advanced threats has to face the two practical challenges: the difficulty of extracting effective features in advance and the complexity of the actual sample types. To address these problems, we proposed a sample labeling method for malicious communication based on semi-supervised deep neural network. This method supports continuous learning and optimization feature representation while labeling sample, and can handle uncertain samples that are outside the concerned sample types. According to the experimental results, our proposed deep neural network can automatically learn effective feature representation, and the validity of features is close to or even higher than that of features which extracted based on expert knowledge. Furthermore, our proposed method can achieve the labeling accuracy of 97.64%~98.50%, which is more accurate than the train-then-detect, kNN and LPA methodsin any labeled-sample proportion condition. The problem of insufficient labeled samples in many network attack detecting scenarios, and our proposed work can function as a reference for the sample labeling tasks in the similar real-world scenarios.

关 键 词:sample LABELING MALICIOUS COMMUNICATION SEMI-SUPERVISED learning DEEP neural network LABEL propagation 

分 类 号:TP3[自动化与计算机技术—计算机科学与技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象