Cite this article
  • JIAN Shijie, LU Zhigang, DU Dan, JIANG Bo, LIU Baoxu. Overview of Network Intrusion Detection Technology[J]. Journal of Cyber Security, 2020, 5(4): 96-122
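Overview of Network Intrusion Detection Technology
JIAN Shijie1,2, LU Zhigang1,2, DU Dan1, JIANG Bo1,2, LIU Baoxu1,2
(1. Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China; 2. School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049, China)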
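Abstract (translated from the Chinese):
As the Internet era has developed, attacks such as insider threats, zero-day vulnerabilities and DoS attacks have steadily increased, network security has become ever more important, and intrusion detection has become an important means of detecting network attacks. With the development of machine learning algorithms, researchers have proposed a large number of intrusion detection techniques. This paper surveys that research. First, it briefly introduces the current network security situation and presents the applications of intrusion detection techniques and systems in various fields. Then it summarizes and evaluates existing research on intrusion detection techniques and systems from three aspects: data sources, detection techniques and detection performance. For detection techniques, the discussion focuses on traditional machine learning, deep learning, reinforcement learning, visual analysis and other methods. Finally, it discusses the problems in current research and looks ahead to the future directions and prospects of the technology. The paper hopes to offer researchers in this field some useful food for thought.
Keywords:  cyberspace security  intrusion detection  machine learning  deep learning  reinforcement learning  visual analysis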
DOI:10.19363/J.cnki.cn10-1380/tn.2020.07.07
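Submitted: 2019-10-17  Revised: 2019-12-09
Funding: This paper was supported by the National Key Research and Development Program of China (No. 2018YFB0803602, No. 2019QY1303), the Beijing Municipal Science and Technology Program (No. Z181100002718005), the Strategic Priority Research Program (Category C) of the Chinese Academy of Sciences (No. XDC02040100), and the National Natural Science Foundation of China Youth Fund (No. 61702508, No. 61802404). This work was also partially supported by the Key Laboratory of Network Assessment Technology, Chinese Academy of Sciences, and the Beijing Key Laboratory of Network Security and Protection Technology.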
Overview of Network Intrusion Detection Technology
JIAN Shijie1,2, LU Zhigang1,2, DU Dan1, JIANG Bo1,2, LIU Baoxu1,2
(1.Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China;2.School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049, China)
Abstract:
With the development of the Internet era, attacks such as internal threats, zero-day vulnerabilities and DoS attacks are increasing, and network security is becoming more and more important. Intrusion detection has become an important means of detecting network attacks. With the development of machine learning algorithms, researchers have proposed a large number of intrusion detection techniques. This article reviews these studies. First, it briefly introduces the current network security situation and describes the applications of intrusion detection technologies and systems in various fields. Then, existing research on intrusion detection technologies and systems is summarized and evaluated from three aspects: data source, detection technology and detection performance. For detection technology, the discussion focuses on traditional machine learning, deep learning, reinforcement learning and visual analysis techniques. Finally, the problems in current research are discussed and the future directions and prospects of the technology are considered. This article hopes to provide some useful thinking for researchers in this field.
Key words:  cyber security  intrusion detection  machine learning  deep learning  reinforcement learning  visual analysis