Overview of network intrusion detection technology based on machine learning
網絡安全與數據治理 (Cyber Security and Data Governance)
Zhang Xi, Wang Xiaofei, Wang Yazhou, Shang Ying, Wang Fangming, Zeng Yingming
Beijing Institute of Computer Technology and Application
Abstract: The development of emerging technologies has promoted the wide application of intelligent methods such as machine learning in network intrusion detection and has effectively improved the efficiency and accuracy of intrusion detection. However, machine-learning-based network intrusion detection still faces challenges such as the difficulty of processing large-scale network data, imbalanced data samples, the difficulty of effectively detecting unknown threats, and poor model generalization. This paper surveys and summarizes machine-learning-based network intrusion detection technology, compares and analyzes the advantages and limitations of the current mainstream methods, and summarizes and discusses the current challenges and future prospects of the field, so as to provide a reference for people in this field to understand the latest research trends.
Key words: machine learning; intrusion detection; intelligence
CLC number: TP309 Document code: A DOI: 10.19358/j.issn.2097-1788.2024.12.001
Citation format: Zhang Xi, Wang Xiaofei, Wang Yazhou, et al. Overview of network intrusion detection technology based on machine learning [J]. 網絡安全與數據治理 (Cyber Security and Data Governance), 2024, 43(12): 1-9, 18.
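Introduction
As cyberattack threats intensify worldwide, traditional passive security measures such as firewalls and cryptographic devices can no longer fully cope with new, unknown threats that are complex, dynamic, and stealthy. Active security measures such as network intrusion detection are urgently needed to discover and block the diverse network threats posed by powerful adversaries. Network intrusion detection technologies can be classified by data source, by working mode, by detection result, and by detection method, as shown in Figure 1. Compared with traditional intrusion detection methods based on pattern matching and expert systems, intelligent models such as machine learning can learn the attack behavior features, or the classification and clustering patterns, of data samples, which effectively improves the efficiency and accuracy of network threat detection. This paper focuses on introducing and analyzing machine-learning-based network intrusion detection, covering it in detail from two perspectives: supervised learning and unsupervised learning.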
The full text of this paper can be downloaded at:
http://ihrv.cn/resource/share/2000006260
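Author information:
Zhang Xi, Wang Xiaofei, Wang Yazhou, Shang Ying, Wang Fangming, Zeng Yingming
(Beijing Institute of Computer Technology and Application, Beijing 100854)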