MFA-SGWNN: 基于多特征聚合谱图小波神经网络的僵尸网络检测

doi:10.13209/j.0479-8023.2024.035

北京大学学报自然科学版 ›› 2024, Vol. 60 ›› Issue (3): 403-412.DOI: 10.13209/j.0479-8023.2024.035

MFA-SGWNN: 基于多特征聚合谱图小波神经网络的僵尸网络检测

吴悔¹, 陈旭^1,†, 景永俊¹, 王叔洋²

1. 北方民族大学计算机科学与工程学院, 银川 750000 2. 北方民族大学电气信息工程学院, 银川 750000

收稿日期:2023-05-19 修回日期:2023-07-30 出版日期:2024-05-20 发布日期:2024-05-20
通讯作者: 陈旭, E-mail: chenxu(at)nmu.edu.cn
基金资助:
北方民族大学中央高校基本科研业务费专项资金(2022PT_S04)和宁夏回族自治区重点研发项目(2023BDE02017)资助

MFA-SGWNN: Botnet Detection Based on Multi-Feature Aggregation Spectral Graph Wavelet Neural Network

WU Hui¹, CHEN Xu^1,†, JING Yongjun¹ , WANG Shuyang²

1. School of Computer Science and Engineering, North Minzu University, Yinchuan 750000 2. School of Electrical and Information Engineering, North Minzu University, Yinchuan 750000

Received:2023-05-19 Revised:2023-07-30 Online:2024-05-20 Published:2024-05-20
Contact: CHEN Xu, E-mail: chenxu(at)nmu.edu.cn

摘要/Abstract

摘要：

在僵尸网络攻击中, 由于伪装后的僵尸网络流量数据特征与正常流量数据特征过于相似, 使得传统的检测方法难以准确地进行区分。为解决这一问题, 提出一种基于多特征聚合谱图小波神经网络的方法(Multifeature Aggregation Spectral Graph Wavelet Neural Network, MFA-SGWNN), 将流量的属性特征与空间特征相结合, 能有效地捕获隐藏的感染主机流量特征, 增强僵尸网络节点的特征表示, 同时规避了数据样本不平衡和恶意加密流量对检测的影响。在ISCX2014僵尸网络数据集和CIC-IDS 2017 (僵尸网络)数据集上的实验结果表明, MFA-SGWNN检测效果优于现有方法, 具有更强的鲁棒性和泛化能力。

关键词: 僵尸网络, 图小波神经网络, 网络安全

Abstract:

In botnet attacks, because the characteristics of disguised botnet traffic data are too similar to normal traffic data, it is difficult to distinguish them accurately by traditional detection methods. In order to solve this problem, this paper proposes a Multi-feature Aggregation Spectral Graph Wavelet Neural Network (MFA-SGWNN). This method combines the attribute and spatial features of traffic, which can effectively capture the hidden characteristics of infected host traffic, enhance the feature representation of botnet nodes, and avoid the influence of unbalanced data samples and malicious encrypted traffic on detection. Experimental results on the ISCX2014 botnet and CIC-IDS 2017 (botnet) datasets show that MFA-SGWNN outperforms existing methods and has stronger robustness and generalization ability.

Key words: botnet, graph wavelet neural network, cyber security

吴悔, 陈旭, 景永俊, 王叔洋. MFA-SGWNN: 基于多特征聚合谱图小波神经网络的僵尸网络检测[J]. 北京大学学报自然科学版, 2024, 60(3): 403-412.

WU Hui, CHEN Xu, JING Yongjun, WANG Shuyang. MFA-SGWNN: Botnet Detection Based on Multi-Feature Aggregation Spectral Graph Wavelet Neural Network[J]. Acta Scientiarum Naturalium Universitatis Pekinensis, 2024, 60(3): 403-412.

导出引用管理器 EndNote|Ris|BibTeX

链接本文: https://xbna.pku.edu.cn/CN/10.13209/j.0479-8023.2024.035

https://xbna.pku.edu.cn/CN/Y2024/V60/I3/403

MFA-SGWNN: 基于多特征聚合谱图小波神经网络的僵尸网络检测

MFA-SGWNN: Botnet Detection Based on Multi-Feature Aggregation Spectral Graph Wavelet Neural Network

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 0

编辑推荐

Metrics

留言