Unlock instant, AI-driven research and patent intelligence for your innovation.

Botnet traffic detection method based on parallel neural network

A neural network and botnet technology, applied in neural learning methods, biological neural network models, neural architectures, etc., can solve the problems of relying on artificially designed features and extracting feature dimensions, and achieve the effect of multi-training time

Active Publication Date: 2021-09-07
SOUTHEAST UNIV
View PDF1 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This algorithm solves the problems of traditional machine learning algorithms relying on artificially designed features and extracting feature dimensions. It can automatically extract the spatio-temporal features of network flows from raw data by using neural networks.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Botnet traffic detection method based on parallel neural network
  • Botnet traffic detection method based on parallel neural network
  • Botnet traffic detection method based on parallel neural network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0046] The present invention will be further explained below in conjunction with the accompanying drawings and specific embodiments. It should be understood that the following specific embodiments are only used to illustrate the present invention and are not intended to limit the scope of the present invention. It should be noted that the words "front", "rear", "left", "right", "upper" and "lower" used in the following description refer to the directions in the drawings, and the words "inner" and "outer ” refer to directions towards or away from the geometric center of a particular part, respectively.

[0047] This embodiment is a botnet traffic detection method based on a parallel neural network, such as figure 1 shown, including:

[0048] Step 1: Define x p =, represent data packet transmission quintuple, be made up of source IP, source port, destination IP, destination port, transmission protocol; l p Indicates the byte size of the data packet; t p Indicates the time wh...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a Botnet traffic detection method based on a parallel neural network. The method comprises the following steps: dividing an original network traffic pcap file into a plurality of network flows according to a data packet transmission quintuple <a source IP, a destination IP, a source port, a destination port, a transmission protocol>; preprocessing and converting each network flow into input formats of two neural networks; extracting spatial features of the network flow grey-scale map by using a convolutional neural network, and outputting a 10-dimensional feature vector; extracting time sequence characteristics of a network flow sequence by utilizing a gating circulation unit network, and outputting a 10-dimensional vector; splicing the features extracted by the two neural networks by using a serial feature fusion scheme, and outputting 20-dimensional features; carrying out model training through a softmax classifier, and outputting a zombie flow detection model; and finally, pre-processing the captured traffic data of the target network, and inputting the pre-processed traffic data into the model to complete the detection of the Botnet traffic. The method is high in accuracy and can effectively detect the Botnet traffic.

Description

technical field [0001] The invention belongs to the technical field of network security, and relates to a botnet traffic detection method based on a parallel neural network. Background technique [0002] A botnet refers to a computer cluster controlled by a network attacker through an infection of a Trojan horse or a bot program due to computer security vulnerabilities. Its important feature is that the attacker can manipulate the controlled host to execute the same malicious program through a one-to-many command and control channel. Commands, such as simultaneously controlling the host to launch a DDOS attack on a target website or sending a large amount of spam to a certain server. In recent years, the Internet of Things technology has continued to develop, and the scale of the Internet of Things industry has continued to expand, followed by the massive deployment of Internet of Things devices, which provides favorable conditions for the breeding of botnet activities. Botn...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/24G06K9/62G06N3/04G06N3/08
CPCH04L63/1416H04L63/145H04L63/1458H04L63/20H04L41/142G06N3/08G06N3/047G06N3/045G06F18/2415G06F18/241Y02D30/50
Inventor 黄杰刘玉超
Owner SOUTHEAST UNIV