
Research And Implementation Of Unknown Attack Detection Methods Based On Multi-Source Data

Posted on: 2023-10-26
Degree: Master
Type: Thesis
Country: China
Candidate: Y Jing
GTID: 2558306908967999
Subject: Computer Science and Technology
Abstract/Summary:
The rapid development and popularization of computer networks have profoundly affected all aspects of today's world. Cyberspace has become the fifth frontier after land, sea, air, and space, and the importance of network security has reached an unprecedented level. Many network security protection technologies and products have been widely studied and used. However, network attacks continue to emerge one after another, especially new unknown attacks, which constantly challenge and break through the attack detection of traditional security defenses. Therefore, when security vulnerabilities are inevitable and security attacks cannot be eliminated, effective detection and identification of new unknown attacks is the key to changing the passive situation of security defense in the continuous confrontation and competition with security attacks, and it is the focus of research in the field of network security.

With the help of technologies such as cloud computing and big data, the third wave of artificial intelligence has not only driven significant progress and great success in image recognition, natural language processing, autonomous driving and other industries, but has also produced fruitful research results in many network security scenarios, such as abnormal traffic analysis, malware identification and attack behavior detection. However, because the data sources for network security attacks are single-dimensional and carry a limited volume of information, existing attack detection solutions have difficulty improving the accuracy of unknown attack identification and performing fine-grained classification of unknown attacks. Therefore, for the detection, identification and type classification of new unknown network attack behavior, this thesis studies an unknown attack detection method based on multi-source data and a hierarchical fine-grained unknown attack classification method.

Network security attack data has few dimensions, small scale, and large differences, so the recognition accuracy for new unknown attacks is low. To address this problem, this thesis uses the idea of multi-classifier integration and proposes an unknown attack detection method based on multi-source data fusion. Independent classifiers are trained on data from different sources, and the weight of each classifier is adaptively adjusted according to its accuracy to achieve accurate recognition of unknown attack samples. The analysis and experimental results show that, compared with the existing single-classifier identification scheme, the proposed method can not only effectively identify known attacks, but also identify unknown attacks with an accuracy of over 90%.

Existing security attack detection schemes have difficulty classifying new network attacks, lack classification support, and perform poorly. To address these problems, this thesis proposes a hierarchical fine-grained unknown attack classification method that uses the concept of extreme value theory. Because the reconstruction error of unknown attacks is usually higher than that of known attacks, a reconstruction algorithm for the unknown attack detection and classification model is designed to achieve stable and reliable fine-grained classification of known and unknown attacks. The analysis and experimental results show that, compared with recognized existing advanced benchmark models, the recognition and classification accuracy of the proposed scheme can be maintained at about 85% as the number of types of unknown attack samples increases.

Based on the above research, this thesis designs and implements a prototype system for intelligent detection of network attack behavior on a private cloud platform, which verifies the practical availability of the unknown attack behavior identification and classification method. It has been deployed and applied in real scenarios such as data center security monitoring and smart community security operation, where it improves the ease of use, scalability and stability of system security management.
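
The abstract does not give the thesis's algorithm, so the following is an added example, not code from the thesis: one common way to apply extreme value theory to reconstruction errors, fitting a generalized Pareto distribution to the tail of known-traffic errors (peaks over threshold, method of moments) and flagging anything beyond the resulting cut-off as unknown. The function names, the 0.9 tail quantile, the 1e-4 target false-positive rate and the sample errors are assumptions constructed for the illustration.

```python
import math

def fit_pot_threshold(known_errors, tail_quantile=0.9, target_fpr=1e-4):
    """Fit a GPD to the tail of known-traffic reconstruction errors.

    Returns (u, xi, sigma, z): the initial high threshold u, the GPD shape
    and scale, and the cut-off z with estimated P(error > z) = target_fpr.
    """
    xs = sorted(known_errors)
    n = len(xs)
    u = xs[int(tail_quantile * n)]              # initial high threshold
    excess = [x - u for x in xs if x > u]       # peaks over u
    k = len(excess)
    if k < 10:
        raise ValueError("too few tail samples to fit a GPD")
    mean = sum(excess) / k
    var = sum((y - mean) ** 2 for y in excess) / (k - 1)
    if var <= 0:
        raise ValueError("degenerate tail: all excesses are equal")
    # Method of moments: mean = sigma/(1-xi), var = mean^2/(1-2*xi).
    ratio = mean * mean / var
    xi = 0.5 * (1.0 - ratio)
    sigma = 0.5 * mean * (ratio + 1.0)
    # Solve (k/n) * (1 + xi*(z-u)/sigma)^(-1/xi) = target_fpr for z.
    r = target_fpr * n / k
    if abs(xi) < 1e-9:                          # exponential-tail limit
        z = u - sigma * math.log(r)
    else:
        z = u + sigma / xi * (r ** (-xi) - 1.0)
    return u, xi, sigma, z

def is_unknown(error, threshold):
    """Flag a sample whose reconstruction error lies beyond the EVT cut-off."""
    return error > threshold

def constructed_known_errors(n=1000):
    """Constructed sample: deterministic, exponential-tailed errors of known traffic."""
    return [0.1 + 0.05 * -math.log(1.0 - (i + 0.5) / n) for i in range(n)]

if __name__ == "__main__":
    u, xi, sigma, z = fit_pot_threshold(constructed_known_errors())
    print(f"u={u:.4f} xi={xi:.4f} sigma={sigma:.4f} threshold={z:.4f}")
    for err in (0.20, 0.45, 0.90):              # constructed test errors
        print(err, "unknown" if is_unknown(err, z) else "known")
```

The cut-off comes from the fitted tail and not from a fixed multiple of the mean error, so the false-positive rate on known traffic is set explicitly by `target_fpr`.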
Keywords/Search Tags: Unknown attack detection, multi-source data fusion, machine learning, extreme value theory