吉林大学学报(信息科学版) ›› 2021, Vol. 39 ›› Issue (6): 732-742.

• • 上一篇    下一篇

基于机器学习的网络异常检测方法综述

张赛男1 , 孙 彪2   

  1. 1. 吉林财经大学 新闻与传播学院, 长春 130022; 2. 武警长春支队 司令部, 长春 130051
  • 收稿日期:2021-07-14 出版日期:2021-12-01 发布日期:2021-12-02
  • 作者简介:张赛男(1982— ), 女, 长春人, 吉林财经大学副教授, 博士, 主要从事机器学习、个性化教育和新媒体传播等研究, (Tel)86-17390903569(E-mail)120486544@ qq. com。
  • 基金资助:
    吉林省教育厅“十三五”社会科学科研基金资助项目( JJKH20200149SK); 吉林省教育科学规划基金资助项目(GH20232); 吉林省科技厅科技发展计划基金资助项目(20190601015FG)

Research on Network Anomaly Detection Method Basedon Machine Learning

ZHANG Sainan 1 , SUN Biao 2   

  1. 1. School of Journalism and Communication, Jilin University of Finance and Economics, Changchun 130022, China; 2. Headquarters, Changchun Detachment of the Armed Police, Changchun 130051, China
  • Received:2021-07-14 Online:2021-12-01 Published:2021-12-02

摘要: 随着通信、大数据及云计算等技术的成熟应用和广泛普及, 伴随着设备的急剧增多, 数据爆炸式增长, 使网络环境变得日益复杂, 给网络安全带来巨大隐患。 为此, 针对网络安全技术发展需要, 叙述了如何应用 人工智能(AI: Artificial Intelligence)帮助解决网络安全问题。 针对网络中的特定领域或网络技术, 对如何应用 机器学习(ML: Machine Learning)方法提升网络安全性能进行了详细分析。 首先, 总结了在使用 AI 打击网络攻 击方面的现有研究工作, 包括采用传统的机器学习方法和现有的深度学习解决方案。 然后, 分析了 AI 本身可 能遭受的反击, 剖析了它们的特点, 并对相应的防御方法进行了分类。 最后, 提出了一些先进的人工智能网络 安全技术的高级概念, 并展望了未来人工智能如何更好地应用到网络安全领域。

关键词: 机器学习 , 网络安全 , 人工智能 , 防御技术

Abstract: In recent years, benefiting from the mature application of communication, big data, cloud computing and other technologies, “ Internet + ” has been widely popularized in people’s livelihood, economy and government affairs. With the rapid increase of equipment and explosive growth of data, the network environment becomes increasingly complex and brings huge hidden dangers to network security. The need for the development of network security technology and how to apply artificial intelligence AI(Artificial Intelligence) to help solve some problems is introduced. And how to apply machine learning ML(Machine Learning) to improve network security performance is analyzed in detail for specific domain or specific network technology. First, we summarize existing research work on using AI to combat cyber attacks, including using traditional machine learning approaches and existing deep learning solutions. We then analyzed the counterattacks that the AI itself might be subjected to, dissected their characteristics, and classified the appropriate defenses. We also provide some advanced concepts of artificial intelligence network security technology i. e. how to better apply artificial intelligence to the field of network security in the future.

Key words: machine learning, network security, artificial intelligence, defense technology

中图分类号: 

  • TP391. 1