Network unknown threat detection method based on feature extension CNN

A method for detecting unknown network threats based on a feature-extended CNN, which simplifies operations, reduces computational complexity, and improves operational efficiency.

Pending Publication Date: 2021-12-31
HANGZHOU DIANZI UNIV

AI Technical Summary

Problems solved by technology

However, with more than 1 million new malware being released every day, traditional machine learning methods are no longer up to the task.


Embodiment Construction

[0033] The present invention is further explained below with reference to the accompanying drawing.

[0034] As shown in Figure 1, a network unknown threat detection method based on a feature-extended CNN includes model construction and training optimization. The specific process is as follows:

[0035] Step 1: Build a dataset

[0036] One-hot encoding is performed on the originally collected security data, and a training set $X$ and a test set $X_{test}$ of size $N \times D$ are constructed, $X = (x_1, x_2, \ldots, x_n, \ldots, x_N)$, where $N$ is the number of samples in the data set and $D$ is the dimension of the data set; $Y$ is the set of true category labels corresponding to the training set $X$. The samples in the training set are regarded as known data, and the samples in the test set are regarded as unknown data. The known data and unknown data come from the same family of network threats.

[0037] Step 2: Build and train a feature-expanded CNN model

[0038] Based on the basic CNN...


Abstract

The invention discloses a method for detecting unknown network threats based on a feature-extended CNN. Because many unknown network threats come from the same families as known threats, and therefore have similar sample features, a feature-extended CNN model is constructed. At each layer of the CNN, a convolution operation is first applied to the original data to obtain a native feature map; a linear random operation is then applied to the native feature map to obtain an extended feature map; finally, the two are combined to obtain extended reconstruction data whose dimension is lower than that of the original data, achieving dimension-reducing extended reconstruction of the data. A security data classification model based on a shallow machine learning algorithm is then constructed to detect unknown threats in network security big data. The extended reconstruction features generated by the method not only reduce dimensionality but also expand the data representation of unknown threats, achieving high-precision detection of unknown threats while reducing computational complexity.
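The pipeline in the abstract (one-hot encoding, convolution to a native feature map, a random linear operation to an extended feature map, concatenation, then a shallow classifier) can be sketched as follows; this is an added example, not code from the patent. The field vocabulary, the fixed kernel weights, the single convolution layer, the 3-tap random filter used as the "linear random operation", and the 1-nearest-neighbour classifier are all assumptions made for illustration, and the records are constructed.

```python
import random

# Constructed categorical vocabulary for three connection fields (not from the patent).
FIELDS = [("tcp", "udp", "icmp"),
          ("http", "smtp", "dns", "ftp", "ssh"),
          ("SF", "S0", "REJ", "RSTO")]
KERNEL = (1.0, 2.0, 3.0)   # stand-in for trained convolution weights (assumption)
STRIDE = 3

def one_hot(record):
    """Step 1: one-hot encode a (protocol, service, flag) record into D = 12 dims."""
    vec = []
    for value, vocab in zip(record, FIELDS):
        vec += [1.0 if value == v else 0.0 for v in vocab]
    return vec

def native_map(x):
    """Strided 1-D convolution of the encoded record: the native feature map."""
    k = len(KERNEL)
    return [sum(x[i + j] * KERNEL[j] for j in range(k))
            for i in range(0, len(x) - k + 1, STRIDE)]

def make_linear_op(seed):
    """Random 3-tap linear filter: one reading of the 'linear random operation'."""
    rng = random.Random(seed)
    return [rng.uniform(-0.5, 0.5) for _ in range(3)]

def extended_map(native, taps):
    """Apply the random linear filter along the native map (zero padded)."""
    padded = [0.0] + native + [0.0]
    return [sum(padded[i + j] * taps[j] for j in range(3))
            for i in range(len(native))]

def reconstruct(record, taps):
    """Concatenate native and extended maps: 8 dims, lower than the original 12."""
    native = native_map(one_hot(record))
    return native + extended_map(native, taps)

def predict(train, record, taps):
    """Shallow classifier (1-nearest-neighbour here) on the reconstructed features."""
    q = reconstruct(record, taps)
    def dist(item):
        return sum((a - b) ** 2 for a, b in zip(reconstruct(item[0], taps), q))
    return min(train, key=dist)[1]

# Constructed training set: known benign traffic and known members of one threat family.
TRAIN = [(("tcp", "http", "SF"), "benign"), (("udp", "dns", "SF"), "benign"),
         (("tcp", "ftp", "S0"), "threat"), (("tcp", "ssh", "REJ"), "threat")]

if __name__ == "__main__":
    taps = make_linear_op(seed=7)
    print(predict(TRAIN, ("tcp", "ftp", "REJ"), taps))   # unseen variant of the family
```

The unseen record combines field values from two known family members, so it lands next to them in the reconstructed space even though it never appeared in training.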

Description

Technical field

[0001] The invention belongs to the technical field of data analysis, relates to network security big data analysis and modeling, and in particular to a network unknown threat detection method based on a feature-extended CNN.

Background

[0002] Attack and defense in network security is like a cat-and-mouse game. Hackers and cybercriminals constantly try hidden and new attack methods to gain more benefits, such as stealing data, controlling hosts, and extorting money. But these new attacks are not created in a vacuum. Cybercriminals usually find an existing piece of malware and make minor adjustments to turn it into new malware that meets their needs. They even find and exploit a 0day vulnerability to evade detection by security software. Most of the functions of this new malware are the same as those of the old malware, and viruses with similar functions are often treated as a family. In view of the fact that many malicious codes come from the same fa...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/56, G06K9/62, G06N3/04
CPC: G06F21/562, G06N3/045, G06F18/2411, G06F18/24155, G06F18/24323, G06F18/214
Inventor 许艳萍章霞裘振亮陈政仇建叶挺聪张桦吴以凡张灵均
Owner HANGZHOU DIANZI UNIV