Abstract
Malware detection (MD) is one of the key technologies for ensuring network security and preventing network anomalies. Deep learning-based malware traffic detection methods require massive numbers of manually annotated, labeled network traffic samples. To solve this problem while maintaining detection accuracy, a malware detection method based on semi-supervised learning and network traffic is proposed. It trains a malware detection model using a small number of labeled network traffic samples and a large number of unlabeled network traffic samples. The experimental results show that the proposed method performs better than general deep learning-based malware traffic detection methods in small-sample traffic environments, and that it can be used in real-world malware traffic detection scenarios with little labeled data.
Authors
GUI Guan (桂冠)
NING Jinhui (宁金辉)
WANG Yu (王禹)
College of Information and Telecommunications Engineering, Nanjing University of Posts and Telecommunications, Nanjing, Jiangsu 210023, China
Source
Mobile Communications (《移动通信》)
2022, Issue 4, pp. 28-32 (5 pages)
Funding
Science and Technology Innovation 2030 "New Generation Artificial Intelligence" Major Project (2021ZD0113003)
Keywords
Malware detection
network traffic
semi-supervised learning
transfer learning