Detection Method of Malicious Attack Codes in Communication Network Based on PSO-KM Cluster Analysis

Malicious code is developing rapidly and seriously affects network information security. Traditional malicious code detection methods do not clearly divide network behavior characteristics, which leads to a low recognition rate and a high false positive rate for malicious attack code. This paper therefore studies a detection method for malicious attack code in communication networks based on PSO-KM clustering analysis. The specific content of malicious attack code in the communication network is analyzed, network behavior is extracted starting from the flow trajectory at the network layer, and behavior characteristics are determined within the MFAB-NB framework. An initial processing center is selected by a normalization algorithm, and the classified communication network behavior characteristics are normalized to judge attack speed and location. The whole process of data transmission in the communication network is followed in real time, and a fitness function is applied to seek the optimal solution for malicious code updates. A feature set of malicious code data is constructed based on PSO-KM clustering analysis, feature cluster weights are allocated by small-batch calculation, and the weighted average is used as the allocation basis to detect malicious attack code, completing the design of the detection method. Experimental results show that with this method the recognition rate for malicious attack code detection reaches more than 95.0%, with the highest value close to 99.7%, and the false positive rate can be controlled within 0.4%, so the method has application value.

Keywords: malicious attack code; communication network; PSO-KM clustering analysis; cluster weight; network behavior characteristics; degree of good or bad behavior

Li Mei (李梅), Zhu Mingyu (朱明宇)

School of Information and Software, Suzhou Gaobo Software Technology Vocational College (苏州高博软件技术职业学院), Suzhou, Jiangsu 215163

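Funding: Jiangsu Province High-Level Professional Group of Higher Vocational Education; Jiangsu Province High-Level Backbone Major Construction Project of Higher Vocational Education

Grant documents: 苏教职函[2021]1号; 苏教高[2017]17号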

2024

Computer Measurement & Control (计算机测量与控制)
China Computer Automated Measurement and Control Technology Association

CSTPCD
Impact factor: 0.546
ISSN:1671-4598
Year, volume (issue): 2024, 32(1)