機器學(xué)習(xí)在惡意加密流量檢測中的應(yīng)用及研究
電子技術(shù)應(yīng)用
田睿1,,2,,張雅勤1,,2,董偉1,,2,,李致成1,2,馮志1,,2
1.中國電子信息產(chǎn)業(yè)集團有限公司第六研究所,;2.華北計算機系統(tǒng)工程研究所
摘要: 隨著加密通信的普及,惡意攻擊者利用加密流量隱藏活動,,傳統(tǒng)基于簽名和規(guī)則的檢測方法面臨挑戰(zhàn),。機器學(xué)習(xí)為惡意加密流量檢測提供了新解決方案。綜述了監(jiān)督學(xué)習(xí),、非監(jiān)督學(xué)習(xí),、深度學(xué)習(xí)和集成學(xué)習(xí)在該領(lǐng)域的應(yīng)用。監(jiān)督學(xué)習(xí)通過標(biāo)記數(shù)據(jù)識別已知攻擊,,非監(jiān)督學(xué)習(xí)在未標(biāo)記數(shù)據(jù)中發(fā)現(xiàn)新型攻擊模式,,深度學(xué)習(xí)提升了在大數(shù)據(jù)環(huán)境中的特征提取能力,,而集成學(xué)習(xí)則通過模型融合增強系統(tǒng)魯棒性,。研究表明,機器學(xué)習(xí)顯著提高了惡意行為識別的準(zhǔn)確性,,特別是在復(fù)雜數(shù)據(jù)特征提取和新攻擊模式發(fā)現(xiàn)方面,。
中圖分類號:TP181/TP393.0 文獻標(biāo)志碼:A DOI: 10.16157/j.issn.0258-7998.245979
中文引用格式: 田睿,張雅勤,,董偉,,等. 機器學(xué)習(xí)在惡意加密流量檢測中的應(yīng)用及研究[J]. 電子技術(shù)應(yīng)用,2025,,51(4):1-11.
英文引用格式: Tian Rui,,Zhang Yaqin,Dong Wei,,et al. The application and research of machine learning in malicious encrypted traffic detection[J]. Application of Electronic Technique,,2025,51(4):1-11.
中文引用格式: 田睿,張雅勤,,董偉,,等. 機器學(xué)習(xí)在惡意加密流量檢測中的應(yīng)用及研究[J]. 電子技術(shù)應(yīng)用,2025,,51(4):1-11.
英文引用格式: Tian Rui,,Zhang Yaqin,Dong Wei,,et al. The application and research of machine learning in malicious encrypted traffic detection[J]. Application of Electronic Technique,,2025,51(4):1-11.
The application and research of machine learning in malicious encrypted traffic detection
Tian Rui1,,2,,Zhang Yaqin1,2,,Dong Wei1,,2,Li Zhicheng1,,2,,F(xiàn)eng Zhi1,2
1.The Sixth Research Institute of China Electronics Information Industry Group Corporation Limited,; 2.North China Research Institute of Computer System Engineering
Abstract: With the widespread use of encrypted communication, malicious attackers increasingly exploit encrypted traffic to conceal their activities, posing challenges to traditional signature-based and rule-based detection methods. Machine learning provides a novel solution for detecting malicious encrypted traffic. This paper reviews the applications of supervised learning, unsupervised learning, deep learning, and ensemble learning in this domain. Supervised learning identifies known attacks using labeled data, while unsupervised learning uncovers new attack patterns in unlabeled data. Deep learning enhances feature extraction capabilities in large-scale data environments, and ensemble learning strengthens system robustness through model fusion. The findings indicate that machine learning significantly improves the accuracy of malicious behavior detection, particularly in complex feature extraction and the identification of new attack patterns.
Key words : encrypted traffic recognition,;machine learning;encrypted traffic,;malicious behavior detection,;ensemble learning
引言
隨著數(shù)字化發(fā)展,,網(wǎng)絡(luò)安全成為全球重要挑戰(zhàn),尤其是加密流量中的惡意行為識別,。機器學(xué)習(xí)在加密流量檢測中展現(xiàn)出重要應(yīng)用,。本文綜述了監(jiān)督學(xué)習(xí)、非監(jiān)督學(xué)習(xí),、深度學(xué)習(xí)和集成學(xué)習(xí)在惡意加密流量分析中的應(yīng)用,,探討其對網(wǎng)絡(luò)安全的影響。首先,,分析監(jiān)督學(xué)習(xí)(如決策樹,、SVM、隨機森林)在標(biāo)注數(shù)據(jù)集上的模式識別能力及其優(yōu)劣,;接著討論非監(jiān)督學(xué)習(xí)(如K均值,、層次聚類)在無標(biāo)簽環(huán)境中的異常檢測;然后研究深度學(xué)習(xí)(如CNN,、RNN)在時間序列分析中的優(yōu)勢,,通過自動提取特征提升檢測性能;最后評估集成學(xué)習(xí)(如隨機森林,、AdaBoost)結(jié)合多模型提升檢測精度和魯棒性,。
本文詳細(xì)內(nèi)容請下載:
http://forexkbc.com/resource/share/2000006386
作者信息:
田睿1,2,,張雅勤1,,2,董偉1,,2,,李致成1,2,,馮志1,,2
(1.中國電子信息產(chǎn)業(yè)集團有限公司第六研究所,北京 100083,;
2.華北計算機系統(tǒng)工程研究所,,北京 100083)
此內(nèi)容為AET網(wǎng)站原創(chuàng),未經(jīng)授權(quán)禁止轉(zhuǎn)載,。