Authors: ZHU Jingyi (朱京毅); ZHOU Bin (周斌); XU Chengjun (徐诚俊) (CMCC Shanghai, Shanghai 200060, China)
Affiliation: [1] China Mobile Communications Group Shanghai Co., Ltd., Shanghai 200060
Source: Mobile Communications (《移动通信》), 2024, No. 8, pp. 123-128 (6 pages)
Abstract: The growing complexity and automation of network attack methods under the edge computing model pose greater challenges to network protection. A weakly supervised, small-sample network security protection method is therefore proposed. First, the method uses EfficientNet-B0 to obtain a multi-scale, fine-grained feature set of real alarm events. Then, domain randomization is introduced to generate a large number of virtual alarm event semantic features, which are combined to synthesize a large number of virtual alarm event semantic feature sets. On this basis, cosine similarity is used to select the virtual alarm event semantic feature sets that meet the conditions, thereby solving the problem that traditional intrusion detection methods require large numbers of training samples. Finally, incremental learning is used to correct the model parameters, addressing the problem that traditional intrusion detection models are not suited to dynamic, changeable, unknown attack scenarios. Experiments show that, in the face of unknown attack scenarios, the proposed security protection method has stronger generalization ability than traditional methods and exhibits a certain degree of scalability.
Classification: TN92 [Electronics and Telecommunications: Communication and Information Systems]