电子学报2025,Vol.53Issue(6):1792-1804,13.DOI:10.12263/DZXB.20241098
基于联邦大模型的网络攻击检测方法研究
Research on Network Attack Detection Method Based on Federated Large Model
摘要
Abstract
To address the issues of a small quantity,large variability of real Web application attack data and diverse attack payloads that lead to poor training effects of large models,a network attack detection method based on federated large model(FL-LLMID)is proposed.Firstly,a federated learning network for fine-tuning large model is proposed.The server conducts incremental aggregation on the parameters generated by the client's local large model through incremental data training,which improves the parameter aggregation efficiency of large model in federated learning and avoids the prob-lem of network traffic data exposure.Secondly,based on the large model ability to understand code,an attack detection model for application layer data(CodeBERT-LSTM)is proposed.By analyzing the application layer data packets,the Code-BERT model is used to perform vector encoding on the valid fields,and then combined with the long short-term memory network(LSTM)for classification to achieve the attack detection task of Web applications.Finally,the experimental results show that the accuracy of the FL-LLMID method in the attack detection task for application layer data reaches 99.63%.Compared with traditional federated learning,the efficiency of incremental learning is improved by 12 percentage points.关键词
联邦学习/大模型/长短期记忆网络/CodeBERT/网络攻击检测/增量聚合Key words
federated learning/large model/LSTM/CodeBERT/attack detection/incremental aggregation分类
信息技术与安全科学引用本文复制引用
康海燕,张义钒,王楠敏..基于联邦大模型的网络攻击检测方法研究[J].电子学报,2025,53(6):1792-1804,13.基金项目
国家社会科学基金(No.21BTQ079) (No.21BTQ079)
未来区块链与隐私计算高精尖中心基金(No.GJJ-24) National Social Science Foundation of China(No.21BTQ079) (No.GJJ-24)
Beijing Advanced Innovation Center for Future Blockchain and Privacy Computing Fund(No.GJJ-24) (No.GJJ-24)
