APT attack detection method based on deep belief network-support vector data description

Deep belief network and support vector data description technology, applied to APT attack detection, addresses the problem that the data set is not practical.

Inactive Publication Date: 2018-11-20
SHANGHAI MARITIME UNIVERSITY

AI Technical Summary

Problems solved by technology

Supervised learning methods often show excellent detection results, but need t


Embodiment Construction

[0085] A preferred specific embodiment is described below in detailed steps, with reference to the accompanying drawings, to further elaborate the present invention.

[0086] As shown in Figure 1, the APT attack detection method based on deep belief network-support vector data description includes the following steps:

[0087] S1. Data collection. Network traffic capture software is used to obtain network data flow information, which serves as the data for detecting APT;

[0088] S2. Data feature extraction. The data is transformed into a similarity problem between vectors through the space vector model. Feature extraction can be performed by calculating the information entropy and the information gain of each word. So that the features have the same dimension and the same value range, further standardization is needed;

[0089] S3. DBN training neural network. The designed DBN includes low-level RBM, high-level RBM and BP neural network. The RBM contains visible units...
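Step S2 above, worked through as an added example that is not part of the patent text: each word is scored by information gain, the top-scoring words become the vector dimensions, and every dimension is scaled to the same range. The token lists, the labels, the term-count vectors and the choice of min-max scaling as the standardization are assumptions made for illustration; the page does not specify them.

```python
import math
from collections import Counter

# Constructed sample: word tokens from captured flow records, with labels
# (assumption: a labelled standard data set is available to score features).
FLOWS = [
    (["tcp", "443", "long", "beacon", "beacon"], "apt"),
    (["tcp", "443", "long", "beacon"], "apt"),
    (["tcp", "80", "short"], "normal"),
    (["udp", "53", "short"], "normal"),
    (["tcp", "443", "short"], "normal"),
    (["tcp", "80", "short"], "normal"),
]

def entropy(labels):
    """Shannon entropy in bits of a list of class labels."""
    n = len(labels)
    return -sum(c / n * math.log2(c / n) for c in Counter(labels).values())

def information_gain(flows, word):
    """H(Y) minus the entropy remaining after splitting on presence of word."""
    labels = [y for _, y in flows]
    present = [y for toks, y in flows if word in toks]
    absent = [y for toks, y in flows if word not in toks]
    n = len(flows)
    cond = len(present) / n * entropy(present) + len(absent) / n * entropy(absent)
    return entropy(labels) - cond

def select_features(flows, k):
    """Rank the vocabulary by information gain and keep the top k words."""
    vocab = sorted({w for toks, _ in flows for w in toks})
    return sorted(vocab, key=lambda w: (-information_gain(flows, w), w))[:k]

def vectorize(flows, features):
    """Term-count vectors over the selected words, min-max scaled per column."""
    rows = [[toks.count(w) for w in features] for toks, _ in flows]
    lo = [min(c) for c in zip(*rows)]
    hi = [max(c) for c in zip(*rows)]
    # A constant column would divide by zero; it carries no signal, so emit 0.0.
    return [[(v - l) / (h - l) if h > l else 0.0 for v, l, h in zip(r, lo, hi)]
            for r in rows]

if __name__ == "__main__":
    feats = select_features(FLOWS, 3)
    print([(w, round(information_gain(FLOWS, w), 3)) for w in feats])
    print(vectorize(FLOWS, feats))
```

The scaled vectors are what would be handed to the DBN in step S3; words such as "tcp" that appear in almost every flow score low and are dropped before training.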


Abstract

The invention discloses an advanced persistent threat (APT) attack detection method based on deep belief network-support vector data description. A deep belief network (DBN) is used for feature dimension reduction and extraction of excellent feature vectors, and support vector data description (SVDD) is used for data classification and detection. At the DBN training stage, after a standard data set is obtained, feature dimension reduction is performed using the DBN model: after the low-level restricted Boltzmann machine (RBM) performs the initial dimension reduction, the high-level RBM receives the simple representation transmitted from the low-level RBM so as to learn a more abstract and complex representation, and back propagation of a back propagation (BP) neural network is used to repeatedly adjust the weight values until data with excellent features is extracted. The data processed by the DBN is divided into a training set and a testing set, and the data set is provided to the SVDD for training and identification detection, thereby obtaining the detection result. The attack detection method disclosed by the invention is suitable for unsupervised attack data detection with large data size and high-dimensional features, fits APT attack detection, and can obtain an excellent detection result.

Description

Technical field

[0001] The present invention relates to the technical field of cloud computing security, in particular to an APT attack detection method based on deep belief network-support vector data description.

Background technique

[0002] Against the backdrop of the rapid development of global network informatization, advanced persistent threats (APTs), which are concealed, penetrating and targeted, pose increasingly serious threats to various high-level information security systems. The number of organized APT attacks on targets is increasing, and the network information systems and data security of countries and enterprises are facing severe challenges. For example, in 2008, the Great Wall Network of China was attacked and infiltrated by network hackers from the US Department of Defense, and was implanted with a back door to steal information; in 2010, after years of preparation and dormancy, "Stuxnet" successfully attacked a network located in a physically isolated intra...


Application Information

IPC(8): H04L29/06, H04L12/24
CPC: H04L41/145, H04L63/1416
Inventor: 张文杰, 韩德志, 王军, 毕坤
Owner: SHANGHAI MARITIME UNIVERSITY