Automatic Detection Method of Encrypted Malicious Traffic Based on the Gradient Boosting Decision Tree
To protect network resources, maintain cyberspace security, and identify encrypted malicious traffic, an automatic detection method for encrypted malicious traffic based on the Gradient Boosting Decision Tree (GBDT) is proposed. Features of encrypted malicious traffic are extracted by analyzing the characteristics of encrypted data in network traffic. Based on the extracted features, the GBDT algorithm is used to identify the source Internet Protocol (IP) addresses of malicious traffic. The accumulated misclassification cost is then adjusted for the identified malicious IP addresses, and encrypted malicious traffic is identified and detected. The experimental results show that this method has high efficiency in detecting malicious traffic and a low false alarm rate, providing strong technical support for network security protection.