摘要
在分布式网络环境中,各个子网和主机中运行不同的操作系统,多样性导致了安全配置的复杂性和不一致性,攻击者可通过占用系统资源或发动分布式拒绝服务攻击(DDoS)等方式,使网络服务变得不可用,增加了安全漏洞的风险。为了及时发现这些漏洞,提出Light GBM算法下信息网络传输分布式安全漏洞检测方法。建立分布式漏洞扫描与检测结构,以最小漏洞扫描时间为目标,将扫描任务被分配到多个节点上执行,实现分布式漏洞扫描,降低网络的复杂性。在分布漏洞扫描的过程中,基于Light GBM算法集成多个弱分类器,并通过逐步优化每一轮生成的CART树减少损失值,对网络流量变化的动态特性进行实时调整,不断地逼近真实的漏洞检测边界,实现信息网络传输分布式安全漏洞检测。实验结果表明,所提方法的信息网络传输分布式安全漏洞检测具有更高的准确性和更高的检测速度,且可有效地应对信息网络传输分布式安全漏洞的检测任务。
In a distributed network environment,various subnets and hosts run different operating systems.This diversity leads to the complexity and inconsistency of security configurations.Attackers can render network services unavailable by occupying system resources or launchingdistributed denial-of-service(DDoS)attacks,thereby increasing the risk of security vulnerabilities.In order to detect these vulnerabilities in time,a distributed security vulnerability detection method for information network transmission underLightGBM algorithm is proposed.The distributed vulnerability scanning and detection structure is established,with the goal of minimizing the vulnerability scanning time,the scanning task is assigned to multiple nodes to realize distributed vulnerability scanning and reduce the complexity of the network.In the process of distributed vulnerability scanning,multiple weak classifiers are integrated based on the LightGBM algorithm,and the loss value is reduced by gradually optimizing the CART tree generated in each round,and real-time adjustments are made to the dynamic characteristics of the network traffic changes to continuously approach the real vulnerability detection boundary and realize the distributed security vulnerability detection of information network transmission.The experimentalresults show that the proposedmethodofdistributed security vulnerability detection for information network transmission has higher accuracy and detection speed,and can effectively cope with the task of detecting distributed security vulnerabilities in information network transmission.
作者
周兵
余乐乐
ZHOU Bing;YU Le-le(Taixing Second People's Hospital,Taizhou Jiangsu 225473,China;School of Electrical and Control Engineering,Northern University of China,Shanxi Taiyuan O30051,China)
出处
《计算机仿真》
2026年第1期486-490,共5页
Computer Simulation
基金
江苏省医院管理创新研究课题(JSYGCX2023-41A)。
关键词
信息网络传输
漏洞检测
漏洞扫描
决策树
Information network transmission
Vulnerability detection
Vulnerability scanning
Decision tree
