A Malicious Traffic Identification Model Based On Contrastive Learning And Its Application

Posted on: 2023-12-31
Degree: Master
Type: Thesis
Country: China
Candidate: Z H Song
GTID: 2568307022497824
Subject: Software engineering
Abstract/Summary:
In recent years, with the rapid development and popularity of Internet technology, network technology has become a new strategic high ground in international competition while promoting the development of human social production methods and social relations. Network traffic is the carrier of Internet information, and many kinds of malicious attack software operate over it, so an effective traffic detection system is the most direct and effective means of interception in a network defense system. Early traffic detection methods were based on rule sets written through manual reverse analysis, and such a highly specialized approach is difficult to adapt to increasingly complex attacks. With the rapid development of machine learning and deep learning, researchers have begun to bring these algorithms into the cybersecurity field. Identifying complex traffic in a practical deployment requires limiting the memory footprint and inference time of the model when deep learning is used. The HALNet proposed in previous work can effectively identify command and control (C&C) malicious traffic, but it is not suitable for application in systems. Based on this, a lightweight model, HALNet-light, based on contrastive learning is proposed; the contrastive learning approach is also used to address the concept drift problem in practical deployments and to make the model more powerful and adaptive. The model achieves good detection results on both the CCE2021 dataset and the public CICIDS2017 dataset. Secondly, a malicious traffic identification system is designed to realize the practical deployment of the model. The system is divided into four modules: user management, traffic collection, model deployment, and log display, and the system implementation is completed following the functional design of each module. Finally, the effectiveness of the model and the completeness of the system are verified through system testing. The experimental analysis shows that the HALNet-light model can identify command and control malicious traffic with a lightweight footprint and is robust to environmental changes. The malicious traffic identification system based on contrastive learning effectively realizes the complete chain from model deployment to data display, which provides a more complete solution for applying deep learning algorithms to malicious traffic identification tasks.
Keywords/Search Tags: Traffic identification, Deep learning, Contrastive learning, C&C malicious traffic, Multi-temporal features