MFA-SGWNN:基于多特征聚合谱图小波神经网络的僵尸网络检测OA北大核心CSTPCD
MFA-SGWNN:Botnet Detection Based on Multi-Feature Aggregation Spectral Graph Wavelet Neural Network
在僵尸网络攻击中,由于伪装后的僵尸网络流量数据特征与正常流量数据特征过于相似,使得传统的检测方法难以准确地进行区分.为解决这一问题,提出一种基于多特征聚合谱图小波神经网络的方法(Multi-feature Aggregation Spectral Graph Wavelet Neural Network,MFA-SGWNN),将流量的属性特征与空间特征相结合,能有效地捕获隐藏的感染主机流量特征,增强僵尸网络节点的特征表示,同时规避了数据样本不平衡和恶意加密流量对检测的影响.在 ISCX2014僵尸网络数据集和 CIC-IDS 2017(僵尸网络)数据集上的实验结果表明,MFA-SGWNN检测效果优于现有方法,具有更强的鲁棒性和泛化能力.
In botnet attacks,because the characteristics of disguised botnet traffic data are too similar to normal traffic data,it is difficult to distinguish them accurately by traditional detection methods.In order to solve this problem,this paper proposes a Multi-feature Aggregation Spectral Graph Wavelet Neural Network(MFA-SGWNN).This method combines the attribute and spatial features of traffic,which can effectively capture the hidden characteristics of infected host traffic,enhance the feature representation of botnet nodes,and avoid the influence of unbalanced data samples and malicious encrypted traffic on detection.Experimental results on the ISCX2014 botnet and CIC-IDS 2017(botnet)datasets show that MFA-SGWNN outperforms existing methods and has stronger robustness and generalization ability.
吴悔;陈旭;景永俊;王叔洋
北方民族大学计算机科学与工程学院,银川 750000北方民族大学电气信息工程学院,银川 750000
僵尸网络图小波神经网络网络安全
botnetgraph wavelet neural networkcyber security
《北京大学学报(自然科学版)》 2024 (003)
403-412 / 10
北方民族大学中央高校基本科研业务费专项资金(2022PT_S04)和宁夏回族自治区重点研发项目(2023BDE02017)资助
评论