A malicious traffic detection implementation method and device based on deep learning

A deep-learning-based malicious traffic detection technology, applied in the field of computer security, that addresses problems such as difficulty in identification and privacy leakage, and achieves a low false alarm rate, high accuracy and high robustness.

Active Publication Date: 2018-12-11
北京金睛云华科技有限公司

AI Technical Summary

Problems solved by technology

[0006] To solve the above technical problems, the embodiments of the present invention provide a method and device for implementing malicious traffic detection based on deep learning. To a certain extent, they address several problems of current detection technology, including the difficulty of manual feature extraction, privacy leakage, the difficulty of identifying encrypted and obfuscated traffic, and the manual extraction of machine learning features. The method is highly robust and offers fast detection, high accuracy, a low false positive rate and cross-platform detection.


Embodiment Construction

[0052] In order to make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the embodiments of the present invention will be described in detail below in conjunction with the accompanying drawings. It should be noted that, in the case of no conflict, the embodiments in the present application and the features in the embodiments can be combined arbitrarily with each other.

[0053] The steps shown in the flowcharts of the figures may be performed in a computer system, such as a set of computer-executable instructions. Also, although a logical order is shown in the flowcharts, in some cases the steps shown or described may be performed in an order different from that shown or described herein.

[0054] To achieve the purpose of the embodiments of the present invention, an embodiment provides a method for implementing malicious traffic detection based on deep learning. As shown in Figure 1, th...


Abstract

The embodiment of the invention discloses a method and device for implementing malicious traffic detection based on deep learning. The method can include: obtaining the traffic sessions of malicious code through dynamic sandbox technology; mapping the traffic sessions of the malicious code to gene maps and extracting the map features; clustering on the map features of the traffic sessions and labeling the clustering results by malicious code family; training a preset deep learning model with the labeled gene maps of the malicious code families to establish a malicious traffic detection model; and using the malicious traffic detection model to inspect real-time network traffic, thereby detecting malicious traffic. The embodiment addresses, to a certain extent, many problems of conventional detection technology, such as the difficulty of manual feature extraction, privacy disclosure, the difficulty of identifying encrypted and obfuscated traffic, and the manual extraction of machine learning features. The method is characterized by high robustness, high speed, high accuracy, a low false alarm rate and cross-platform detection.
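The first three steps of the abstract (session to gene map, map features, clustering), sketched as an added example that is not taken from the patent. The page does not say how a session becomes a gene map or which features and clustering algorithm are used, so the byte-to-grayscale mapping, the row-mean features, the leader clustering rule and all names below are assumptions.

```python
# Added illustration, not the patent's method: mapping, features and
# clustering rule are all assumptions made for this sketch.
from math import sqrt

SIDE = 16  # assumed image side; uses the first SIDE*SIDE session bytes

def session_to_image(payload: bytes, side: int = SIDE):
    """Truncate or zero-pad the session bytes, reshape to side x side pixels."""
    n = side * side
    buf = payload[:n].ljust(n, b"\x00")
    return [list(buf[r * side:(r + 1) * side]) for r in range(side)]

def image_features(img):
    """Assumed feature vector: mean intensity of each row, scaled to 0..1."""
    return [sum(row) / (255 * len(row)) for row in img]

def distance(a, b):
    return sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))

def cluster(features, threshold=1.0):
    """Leader clustering: join the first cluster whose leader is close enough."""
    leaders, labels = [], []
    for f in features:
        for i, lead in enumerate(leaders):
            if distance(f, lead) <= threshold:
                labels.append(i)
                break
        else:  # no leader within threshold: start a new cluster
            leaders.append(f)
            labels.append(len(leaders) - 1)
    return labels

# Constructed sessions (not real captures): two text beacons, two binary blobs.
SESSIONS = [
    b"GET /gate.php?id=1 HTTP/1.1\r\nHost: host.example\r\n\r\n" * 6,
    b"GET /gate.php?id=2 HTTP/1.1\r\nHost: host.example\r\n\r\n" * 6,
    bytes(0xF0 | (i % 16) for i in range(256)),
    bytes(0xE0 | (i % 16) for i in range(256)),
]

def cluster_sessions(sessions=SESSIONS):
    """Sessions -> images -> features -> cluster ids (input to family labelling)."""
    feats = [image_features(session_to_image(s)) for s in sessions]
    return cluster(feats)

if __name__ == "__main__":
    print(cluster_sessions())  # [0, 0, 1, 1]
```

The cluster ids are what an analyst would then label with a malicious code family before the labelled images are used for training.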

Description

Technical field

[0001] The embodiment of the present invention relates to computer security technology, especially a method and device for implementing malicious traffic detection based on deep learning.

Background

[0002] The traditional method of detecting malicious (abnormal) traffic is to use the transport layer port to identify most of the malicious (abnormal) traffic. Although it is inaccurate, it is still a fast and simple method to continuously monitor and report abnormal traffic.

[0003] Afterwards, a payload-based method was proposed to identify bytes or strings related to malicious (abnormal) traffic by inspecting packet content, or to perform more complex syntax matching. However, this method raises privacy issues and cannot deal with encryption, protocol obfuscation and similar issues.

[0004] At present, the pattern recognition algorithm using traditional machine learning can solve the privacy problem to a certain e...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06K9/62, G06N3/04, G06N3/08, H04L29/06
CPC: H04L63/1441, G06N3/08, G06N3/045, G06F18/23
Inventor: 曲武
Owner: 北京金睛云华科技有限公司