摘要
异常流量检测需要在海量的数据流中检测出网络流量异常,传统的异常流量检测无法自学习和自演进,在复杂、多变的网络环境下面临巨大挑战。机器学习的方法在完成异常流量检测的同时,可以不断地对新的异常流量进行标记和学习,不断地完善异常流量检测系统,提高异常流量检测系统的准确度,并可对未知的异常进行预测与分类。文章对基于机器学习的网络异常流量检测进行分析和比较,包括监督学习、非监督学习、半监督学习下的异常流量检测,指出了基于机器学习的异常流量检测技术的未来发展方向。
Abnormal traffic detection aims to detect abnormal traffic from massive network traffic data. It is difficult for the traditional abnormal traffic to perform this function under the complex and dynamic network environment. Machine learning based abormal traffic detection algorithms have the ability of self-evolving with the marking and learning abilities of new abnormal traffic data, improve detection accuracy rate and can even detect unknown abnormal traffic.This article introduce the machine learning based abnormal traffic detection in three aspects : supervision learning, unsupervised learning and semi-supervised learning. We also provide thefiiture research directions of machine learning based abnormal traffic detection.
出处
《信息通信》
2017年第12期39-42,共4页
Information & Communications
基金
赛尔网络下一代互联网技术创新项目(NGII20150101)资助
关键词
网络安全
异常流量检测
机器学习
Network security
Abnormal traffci detection
Machine learning