Unlock instant, AI-driven research and patent intelligence for your innovation.

An operating system identification method based on cavwnb_kl algorithm

A technology of operating system and identification method, which is applied in the field of network security, can solve the problems of reducing classification accuracy and achieve the effects of improving classification accuracy, saving manpower and material resources, and facilitating parameter adjustment

Active Publication Date: 2022-05-20
XI AN JIAOTONG UNIV +1
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the simple Naive Bayesian algorithm may reduce the accuracy of classification for the condition of independence between attributes

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • An operating system identification method based on cavwnb_kl algorithm
  • An operating system identification method based on cavwnb_kl algorithm
  • An operating system identification method based on cavwnb_kl algorithm

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0066] At present, in the field of network security, for the identification of the operating system, most of the fingerprints collected on the spot are used, and the method similar to the binary classification is mostly used, and the manual identification is regular, resulting in low identification accuracy and easy false positives. The scales are inconsistent, and the requirements for training data are also high, which is generally difficult to meet.

[0067] The present invention provides an operating system identification method based on the CAVWNB_KL algorithm, which is combined with the CAVWNB_KL algorithm to train a large number of vectors obtained by dismantling nmap's rule set conversion, while improving efficiency and improving the recognition rate for the operating system, through the CAVWNB_KL algorithm For the obtained vector training, its prior probability and posterior probability are obtained, and then the real traffic is collected through the probe, and then the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an operating system identification method based on the CAVWNB_KL algorithm, analyzes the operating system identification rules in nmap, extracts M million data from a large number of split data sets as training data, and extracts m million data again as simulation data by the same method Test data; seal the obtained M million data; use KL divergence to calculate the correlation between attributes and classes as the weight of each attribute; calculate the prior probability and posterior of the preprocessed M million data Probability, stored as a fingerprint; take m million data sets to calculate the test accuracy measurement index; calculate the test accuracy of real traffic; filter the collected real traffic, incrementally train with Bayesian incremental learning, and correct the original fingerprint model to complete the identification. The invention adopts the CAVWNB_KL algorithm, which greatly relieves the independent condition required among the naive Bayesian attributes and improves the classification accuracy.

Description

technical field [0001] The invention belongs to the technical field of network security, and in particular relates to an operating system identification method based on a CAVWNB_KL (Correlation-based Attribute Value Weighted Naive Bayes_KL) algorithm. Background technique [0002] In the field of network security, the object of security is assets, and the operating system is a major category of assets. At present, the high false positive rate of operating systems is a major pain point for security asset management customers. Therefore, how to accurately identify operating systems and improve The recognition rate of the operating system has always been a hot issue in the field of network security. [0003] At present, in the field of network security, for the identification of operating systems, most of them use on-site fingerprint collection, and most of them use a method similar to binary classification, that is, through one-by-one comparison plug-in identification, and man...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06N7/00
CPCG06N7/01
Inventor 桂小林安迪樊志甲李瀛范建存
Owner XI AN JIAOTONG UNIV