检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:郭永进 黄河俊 GUO Yongjin;HUANG Hejun(Shanghai Open University,Shanghai 200433,China;Shanghai Education Software Development Company,Shanghai 200082,China)
机构地区:[1]上海开放大学,上海200433 [2]上海教育软件发展有限公司,上海200082
出 处:《信息网络安全》2024年第9期1458-1469,共12页Netinfo Security
摘 要:文章提出一种基于多门控混合专家模型的网络异常流量识别与防御模型,该模型适用于业务高峰期间混杂攻击流量的场景。首先,多门控混合专家模型对网络流量进行实时监测和异常识别,区分由业务需求导致的正常流量峰值和异常流量,减少误报,系统将检测到的异常流量作为输入,生成针对性的防御策略。然后,多门控混合专家模型对异常流量识别和防御策略生成专家模型进行协调,提高系统的识别精准度和策略生成的有效性。在实际业务场景中获取的数据集上的实验结果表明,该模型识别准确率和防御效果优于主流的机器学习模型,能够准确识别出混杂在业务高峰期间的异常攻击流量,并生成合适的防御策略。This paper proposed a big data network anomaly traffic identification and defense strategy generation model based on the multi-gate mixture of experts(MMoE)model.This model is particularly suitable for scenarios involving mixed attack traffic during peak business periods.First,the MMoE model conducted real-time monitoring and anomaly identification of network traffic,distinguishing between normal traffic peaks caused by business demands and genuine anomalous traffic,effectively reducing false alarms.When anomalous traffic was detected,the system used it as input to generate targeted defense strategies.Secondly,the MMoE model coordinated the expert models for anomaly detection and defense strategy generation,enhancing the precision of identification and the effectiveness of strategy generation.Experimental results on datasets obtained from real business scenarios show that the identification accuracy and defense effect of the model proposed in this study are better than mainstream machine learning models and can accurately identify abnormal attack traffic mixed during business peaks and generate appropriate defense strategies.
关 键 词:异常流量识别 防御策略生成 混合专家模型 隐蔽攻击
分 类 号:TP309[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.196