融合图结构学习的物联网僵尸网络多分类检测研究  

Research on Multi-classification Detection of IoT Botnet Detection Integrating Graph Structure Learning

作  者:李沛衡 林宏刚 LI Peiheng;LIN Honggang(School of Cybersecurity,Chengdu University of Information Technology,Chengdu 610225,China;School of Cybersecurity,Sichuan Provincial Key Laboratory of Advanced Cryptography and System Security,Chengdu 610225,China)

机构地区:[1]成都信息工程大学网络空间安全学院,成都610225 [2]成都信息工程大学先进密码技术与系统安全四川省重点实验室,成都610225

出  处:《小型微型计算机系统》2025年第2期456-464,共9页Journal of Chinese Computer Systems

基  金:国家242信息安全计划项目(2021-037)资助;网络空间安全态势感知与评估安徽省重点实验室开放课题项目(CSSAE-2021-002)资助。

摘  要:针对目前物联网僵尸网络多分类检测方法存在表征能力弱、难以剔除特征冗余和噪声、识别准确率低等问题,本文提出一种融合图结构学习的多分类检测方法.该方法利用阻尼增量统计多个时间片网络流量的特征对网络流量样本进行重构,设计自适应图结构学习方法获取网络流量特征的时空关系表示,结合图正则化剔除特征冗余和噪声;基于时空图卷积神经网络在时空两个层面提取特征,实现对物联网僵尸网络攻击的多分类检测.在多个数据集上的实验结果表明,本文提出的方法具有良好的表征能力,能有效剔除特征中的冗余及噪声,提升检测的准确率,在多分类效果上优于其他模型.In response to the current issues of weak representation ability,difficulty in eliminating feature redundancy and noise,and low recognition accuracy in multi-class detection methods for Internet of Things(IoT)botnets,this paper proposes a multi-class detection method integrating graph structure learning.This method uses damped incremental statistics to reconstruct network traffic samples from the features of network traffic over multiple time slices,designs an adaptive graph structure learning method to obtain the spatio-temporal relationship representation of network traffic features,and combines graph regularization to eliminate feature redundancy and noise.Based on the spatio-temporal graph convolutional neural network,features are extracted at both the spatial and temporal levels to achieve multi-class detection of IoT botnet attacks.Experimental results on multiple datasets show that the proposed method has good representation ability,can effectively eliminate redundancy and noise in features,improve detection accuracy,and outperform other models in multi-classification performance.

关 键 词:物联网僵尸网络 图神经网络 图结构学习 时空图卷积 多分类检测 

分 类 号:TP309[自动化与计算机技术—计算机系统结构]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象