基于深度学习的多会话协同攻击加密流量检测技术研究OA北大核心
Encrypted Traffic Detection Technology for Multi-session Coordinated Attack Based on Deep Learning
恶意加密攻击流量检测是当前网络安全领域的一项重要研究课题.攻击者利用多会话的加密流量实现多阶段协同攻击正在成为一种发展趋势.分析了 目前主流恶意加密流量检测方法存在的问题,提出一种面向多会话协同攻击场景的恶意加密流量检测方法.该方法通过提取多会话特征数据并转换为图像,利用深度学习方法在图像识别领域的优势,将加密流量识别问题转换为图像识别问题,从而间接实现了恶意加密流量检测.基于实验数据的初步测试结果验证了该方法的有效性.
Malicious encrypted traffic detection is currently an important research topic in the field of network security.Attacker used multi-session encrypted traffic to achieve multi-stage coordinated attacks,which is becoming a trend.This paper analyzes the existing problems of current mainstream malicious encrypted traffic detection methods,and proposes an malicious encrypted traffic detection method for multi-session coordinated attack scenarios.Based on the advantages of deep learning methods in the field of image recognition,this method extracts multi-session features and converts them into images,converting encrypted traffic identification problems into image recognition problems,thereby indirectly realizes malicious encrypted traffic detection.The preliminary test results on the experimental data have verified the effectiveness of the method.
周成胜;孟楠;赵勋;邱情芳
中国信息通信研究院安全研究所 北京 100191中国信息通信研究院安全研究所 北京 100191中国信息通信研究院安全研究所 北京 100191北京鉴衡认证中心有限公司 北京 100010
计算机与自动化
深度学习加密流量多会话协同攻击网络安全
deep learningencrypted trafficmulti-sessioncoordinated attacknetwork security
《信息安全研究》 2025 (1)
66-73,8
评论