Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Malicious traffic detection method in data imbalance scene

A technology of malicious traffic and detection method, which is applied in the field of network information security, can solve problems such as inability to guarantee the accuracy of malicious traffic classification, low recall rate of malicious traffic, and insufficient ability to distinguish minority classes, so as to ensure detection accuracy and ensure accuracy , the effect of reducing misclassification

Pending Publication Date: 2021-06-18
中电积至(海南)信息技术有限公司
View PDF5 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] Aiming at the deficiencies of the prior art, the present invention provides a malicious traffic detection method in a data unbalanced scenario, which solves the problem that the recall rate of malicious traffic is relatively low when a general learning algorithm is used for classification in the existing malicious traffic detection method. Low, the ability to distinguish minority classes is insufficient, and the accuracy of malicious traffic classification cannot be guaranteed in the case of imbalanced positive and negative samples

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Malicious traffic detection method in data imbalance scene
  • Malicious traffic detection method in data imbalance scene
  • Malicious traffic detection method in data imbalance scene

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0044]The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0045] In describing the present invention, it is to be understood that the terms "opening", "upper", "lower", "thickness", "top", "middle", "length", "inner", "surrounding" etc. Indicating orientation or positional relationship is only for the convenience of describing the present invention and simplifying the description, and does not indicate or imply that the components or elements referred to must have a specific orientation, be constructed and operated in ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a malicious traffic detection method in a data imbalance scene. The method comprises the following operation steps: S1, obtaining a training set and a test set: manually collecting traffic of each malicious software sample as a negative sample. The invention relates to the technical field of network information security. According to the malicious traffic detection method in the data imbalance scene, each network flow is identified by using a tetrad, statistical features of each flow are extracted and standardized, port information and the statistical features are combined to serve as feature vectors, and a training set and a test set are formed; in the algorithm level, a k-means clustering algorithm is combined with an SMOTE oversampling technology, noise is avoided only by performing oversampling in a safe area, the emphasis is on imbalance between classes and imbalance in the classes, the problem of minority class sample dispersion is solved by increasing minority class samples in a minority sample sparse area, the minority class sample size is expanded, and good training data is provided for a classification model.

Description

technical field [0001] The invention relates to the technical field of network information security, in particular to a method for detecting malicious traffic in a data imbalance scenario. Background technique [0002] Usually, most of the data obtained from real-world scenarios are unbalanced, and the number of samples of the minority class is often much less than that of the majority class, but the samples belonging to the minority class often have greater significance, such as fraud detection, failure In the fields of diagnosis and network intrusion detection, researchers have been paying attention to the category imbalance problem in the field of machine learning. Therefore, it is necessary to detect this type of malicious traffic. A variety of solutions have been developed for this problem, which can be mainly divided into four categories: Classes: data sampling, cost-sensitive learning, decision boundary shifting, and ensemble learning methods, but the minority class i...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06K9/62H04L29/06
CPCH04L63/14H04L63/1425G06F18/23213G06F18/241G06F18/214
Inventor 戚岱杰窦凤虎郑超王媛娣
Owner 中电积至(海南)信息技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products