
Review of Key Technologies of Incremental Intrusion Detection for Network Encrypted Traffic

CHEN Liangchen 1, FU Deyin 2, LIU Baoxu 3, GAO Shu 4, ZHANG Xuyao 5

Computer Engineering (计算机工程), 2025, Vol. 51, Issue (12): 18-30, 13. DOI: 10.19678/j.issn.1000-3428.0252468

Author information

  • 1. School of Computer, China University of Labor Relations, Beijing 100048, China; Key Laboratory of Network Assessment Technology, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China; School of Computer and Artificial Intelligence, Wuhan University of Technology, Wuhan 430063, Hubei, China; State Key Laboratory of Multimodal Artificial Intelligence Systems, Institute of Automation, Chinese Academy of Sciences, Beijing 100049, China
  • 2. School of Computer, China University of Labor Relations, Beijing 100048, China
  • 3. Key Laboratory of Network Assessment Technology, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China
  • 4. School of Computer and Artificial Intelligence, Wuhan University of Technology, Wuhan 430063, Hubei, China
  • 5. State Key Laboratory of Multimodal Artificial Intelligence Systems, Institute of Automation, Chinese Academy of Sciences, Beijing 100049, China

Abstract

As cyber threats continue to intensify, the concealment of encrypted traffic attacks and the suddenness of zero-day exploits have significantly reduced the detection efficiency of traditional intrusion detection systems. This review systematically constructs an incremental intrusion detection technology analysis framework for encrypted traffic and explains the synergy and correlation mechanisms of key technologies in incremental intrusion detection from a synergistic technology perspective. Focusing on current research frontiers, in-depth research and exploration are conducted in four key technical fields: encrypted traffic data reduction, encrypted malicious traffic identification, unknown encrypted malicious traffic detection, and incremental updates of intrusion detection models. The advantages and disadvantages of various methods are analyzed. Finally, future development trends and challenges are discussed.

Key words

incremental intrusion detection / encrypted traffic data reduction / encrypted malicious traffic identification / unknown encrypted malicious traffic detection / incremental update of detection models

Classification

Information Technology and Security Science

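Cite this article

CHEN Liangchen, FU Deyin, LIU Baoxu, GAO Shu, ZHANG Xuyao. Review of Key Technologies of Incremental Intrusion Detection for Network Encrypted Traffic[J]. Computer Engineering, 2025, 51(12): 18-30, 13.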

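Funding

Graduate Education Reform Project of China University of Labor Relations (YJG2506)

National Key Research and Development Program of China (2023YFB2603800)

National Statistical Science Research Project of the National Bureau of Statistics (2022LY005)

Project of the Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences (KFKT2022-003)

Research Project of China University of Labor Relations (23XYJS016)

Education Reform Project of China University of Labor Relations (JG25016)

Faculty Academic Team Project of China University of Labor Relations (24JSTD016)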

Computer Engineering (计算机工程)

OA, Peking University Core Journal

ISSN 1000-3428
