Research On Key Technologies Of Network Security Monitoring Based On Distributed Artificial Intelligence

As one of the national communication network infrastructure,the Internet is closely connected with people’s daily life.Whether its Cyberspace Security directly affects national security and is a basic content of national security.Network security monitoring technology can effectively perceive network attacks.Traditional network security monitoring technology often needs to determine the characteristics of attack behavior manually,and the detection efficiency is low;The network security monitoring technology based on centralized artificial intelligence often can not ensure the privacy and security of data,and has high requirements for computer storage and processing performance.Aiming at the privacy data of data islands in distributed scenarios,this paper uses the network security monitoring technology based on distributed artificial intelligence to propose a detection scheme for typical network security problems such as botnets and malware.Firstly,aiming at the problem that the generalization ability of locally trained botnet detection model is weak due to the high local aggregation of data,a botnet detection method based on distributed local topology is proposed.Through the study of structured botnet command and control Based on the topological characteristics of(C & C)graph,combined with the distributed graph neural network model and attention mechanism,a botnet detection model based on graph attention neural network is proposed.By comparing the accuracy and recall rate with GNN model and the detection model based on spark streaming distributed stream processing platform,the proposed method is verified in large-scale network communication with complex topology The ability to detect botnets in the figure.Secondly,aiming at the problem that the training of malware detection model needs traffic characteristics and carries too much privacy data,which makes it difficult to make full use of local network traffic,a malware dynamic detection method based on distributed traffic data behavior analysis is proposed.By studying the behavior characteristics in traffic data,combined with deep neural network and federated learning,a malware detection scheme based on CNN bilstm is proposed.By comparing the detection accuracy with the detection model based on random forest and the detection model based on automatic encoder,it is verified that the proposed method has high detection accuracy and the ability to break the data island in the distributed scene.