
Unix system user malicious operation detection method based on deep learning

A technique for detecting malicious operations by system users, applied in the field of network security. It addresses the problems of malicious users bypassing detection, one-sided detection of malicious operations, and failure to pay attention to users' malicious operations, so as to improve training accuracy and performance and achieve a high accuracy rate.

Pending Publication Date: 2019-12-20
GUANGDONG UNIV OF TECH

AI Technical Summary

Problems solved by technology

[0007] In short, the methods in the above patent documents all have the following disadvantages: (1) they pay no attention to malicious operations by users of the Unix operating system; (2) their methods for detecting malicious operations are too one-sided and are easily bypassed by users; (3) they lack predictability and intelligence for unknown malicious operations. In an era of ever more computer vulnerabilities, loopholes, Trojan horses, and viruses are all evolving at a geometric rate, which has already exceeded the range of features that humans can find manually, so predictability is crucial.

Examples


Embodiment Construction

[0032] The present invention will be further described in detail below in conjunction with the embodiments and the accompanying drawings, but the embodiments of the present invention are not limited thereto.

[0033] The invention discloses a method for detecting malicious operations of Unix system users based on deep learning. The method mainly involves three techniques: data set file preprocessing, feature extraction, and detection of malicious operation behavior. A combination of the bag-of-words model and the TF-IDF (term frequency-inverse document frequency) model is used to extract text features from the preprocessed data files and label files. The extracted features are fed into a multi-layer perceptron network for training, yielding a model that can identify malicious operations on the Unix operating system, that is, whether a user's operation is a normal operation or a malicious operation, and finally output an early warning signal according to the det...

Abstract

The invention discloses a Unix system user malicious operation detection method based on deep learning. The method mainly relates to three techniques: data set file preprocessing, feature extraction, and malicious operation behavior detection. Specifically, a combination of a bag-of-words model and a TF-IDF (term frequency-inverse document frequency) model is used to extract text features from the preprocessed data file and the label file. The extracted features are input into a multi-layer perceptron network for training, yielding a model capable of identifying malicious operations on a Unix operating system, namely whether a user's operation is a normal operation or a malicious operation. Finally, an early warning signal is output according to the detection result so as to intervene in the user's permissions and limit the user's behavior. The multi-layer perceptron algorithm is used to train the deep learning model; in effect verification, accuracy and recall both reach 99%, so the method identifies malicious operation behavior with very high accuracy.
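The pipeline in the abstract (bag-of-words counts, TF-IDF weighting, multi-layer perceptron, warning score) can be traced end to end in a few lines. This is an added example, not code from the patent: the command sessions, labels, layer size and training parameters are constructed assumptions, and a small pure-Python network stands in for whatever implementation the inventors used.

```python
import math, random
from collections import Counter

# Constructed sample data: each string is one user's command block.
NORMAL = ["ls cd vi make gcc ls", "cd ls cat grep make vi", "vi gcc make ls cat cd"]
MALICIOUS = ["wget chmod nc crontab wget", "chmod nc wget history crontab", "nc crontab chmod wget history"]

def fit_idf(sessions):
    """Bag-of-words vocabulary with a smoothed inverse document frequency per command."""
    df = Counter(cmd for s in sessions for cmd in set(s.split()))
    return {c: math.log((1 + len(sessions)) / (1 + d)) + 1 for c, d in sorted(df.items())}

def tfidf(session, idf):
    """L2-normalised TF-IDF vector; commands unseen in training are ignored."""
    tf = Counter(session.split())
    vec = [tf[cmd] * w for cmd, w in idf.items()]
    norm = math.sqrt(sum(v * v for v in vec)) or 1.0   # all-unknown session -> zero vector
    return [v / norm for v in vec]

def forward(x, model):
    """Hidden tanh layer followed by a sigmoid output unit."""
    W1, b1, W2, b2 = model
    h = [math.tanh(sum(w * v for w, v in zip(row, x)) + b) for row, b in zip(W1, b1)]
    return h, 1 / (1 + math.exp(-(sum(w * a for w, a in zip(W2, h)) + b2)))

def train_mlp(X, y, hidden=4, epochs=400, lr=0.5, seed=0):
    """One-hidden-layer perceptron trained by SGD on cross-entropy loss."""
    rnd = random.Random(seed)
    W1 = [[rnd.uniform(-0.5, 0.5) for _ in X[0]] for _ in range(hidden)]
    W2 = [rnd.uniform(-0.5, 0.5) for _ in range(hidden)]
    b1, b2 = [0.0] * hidden, 0.0
    for _ in range(epochs):
        for x, t in zip(X, y):
            h, p = forward(x, (W1, b1, W2, b2))
            d_out = p - t                       # gradient w.r.t. the output logit
            for j in range(hidden):
                d_h = d_out * W2[j] * (1 - h[j] ** 2)
                W2[j] -= lr * d_out * h[j]
                b1[j] -= lr * d_h
                W1[j] = [w - lr * d_h * v for w, v in zip(W1[j], x)]
            b2 -= lr * d_out
    return W1, b1, W2, b2

def score(session, idf, model):
    """Probability that a session is malicious; above a threshold, raise the warning."""
    return forward(tfidf(session, idf), model)[1]

IDF = fit_idf(NORMAL + MALICIOUS)
MODEL = train_mlp([tfidf(s, IDF) for s in NORMAL + MALICIOUS], [0] * 3 + [1] * 3)
```

A session made only of commands absent from the training vocabulary maps to the zero vector, so its score reflects the learned biases alone and should be treated as "unknown" rather than as a verdict.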

Description

Technical field

[0001] The invention relates to the technical field of network security, in particular to a method for detecting malicious operations of Unix system users based on deep learning.

Background technique

[0002] With the continuous development of computer technology, network security has gradually become a security issue that cannot be ignored. Network security is increasingly valued by the state. Without network security, there will be no national security. Relevant policies are constantly promoting the development of security technology to meet market demand. Unix operating system is an open source operating system with a wide range of applications. Malicious operation detection of Unix operating system is conducive to protecting the security of equipment.

[0003] Although many security products have been added to the corporate network security strategy, according to a 2015 survey by the Ponemon Institute in the United States, most of the most costly cybercri...

Application Information

IPC(8): G06F21/55
CPC: G06F21/554
Inventor: 尹惠锋, 张伟
Owner GUANGDONG UNIV OF TECH