CN113128571A - Method for detecting artificial intelligence technology in network security - Google Patents

Method for detecting artificial intelligence technology in network security Download PDF

Info

Publication number
CN113128571A
CN113128571A CN202110339996.9A CN202110339996A CN113128571A CN 113128571 A CN113128571 A CN 113128571A CN 202110339996 A CN202110339996 A CN 202110339996A CN 113128571 A CN113128571 A CN 113128571A
Authority
CN
China
Prior art keywords
network
data set
data
network security
neural network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110339996.9A
Other languages
Chinese (zh)
Inventor
赵金雄
白静
李志茹
马宏忠
杨勇
马志程
张欣
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Matan Primary School In Qilihe District Of Lanzhou City
Electric Power Research Institute of State Grid Gansu Electric Power Co Ltd
Original Assignee
Matan Primary School In Qilihe District Of Lanzhou City
Electric Power Research Institute of State Grid Gansu Electric Power Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Matan Primary School In Qilihe District Of Lanzhou City, Electric Power Research Institute of State Grid Gansu Electric Power Co Ltd filed Critical Matan Primary School In Qilihe District Of Lanzhou City
Priority to CN202110339996.9A priority Critical patent/CN113128571A/en
Publication of CN113128571A publication Critical patent/CN113128571A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00Pattern recognition
    • G06F18/20Analysing
    • G06F18/24Classification techniques
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00Pattern recognition
    • G06F18/20Analysing
    • G06F18/21Design or setup of recognition systems or techniques; Extraction of features in feature space; Blind source separation
    • G06F18/214Generating training patterns; Bootstrap methods, e.g. bagging or boosting
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Data Mining & Analysis (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Artificial Intelligence (AREA)
  • Evolutionary Computation (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Evolutionary Biology (AREA)
  • Bioinformatics & Computational Biology (AREA)
  • Bioinformatics & Cheminformatics (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Health & Medical Sciences (AREA)
  • Biomedical Technology (AREA)
  • Biophysics (AREA)
  • Computational Linguistics (AREA)
  • General Health & Medical Sciences (AREA)
  • Molecular Biology (AREA)
  • Mathematical Physics (AREA)
  • Software Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)
  • Alarm Systems (AREA)

Abstract

The invention provides a detection method of an artificial intelligence technology in network security, which is characterized by comprising the following steps: acquiring a network security data set, carrying out numerical, normalized and normalized processing on the network security data set contained in the network security data set, and converting text data into readable information of a neural network; processing the network security data set after the numeralization, normalization and normalization processing by using artificial intelligence to obtain a classification data set; optimizing the neural network according to the network safety data and the corresponding classification data set to obtain a risk detection neural network; according to the method, the network data are classified and detected according to the neural network, an artificial intelligence technology is utilized, a network security risk monitoring experiment platform under a network environment is constructed on the basis of a virtual network system, the security risk of a complex network is monitored comprehensively, accurately and quickly, and the security of the network system is improved.

Description

Method for detecting artificial intelligence technology in network security
Technical Field
The invention mainly relates to the technical field of network security, in particular to a detection method of an artificial intelligence technology in network security.
Background
With the rapid development of network information technology, networks have become important guarantees and indispensable tools for social development and economic development. With the rapid development of artificial intelligence technology, its application in the field of network security monitoring is increasing. A great deal of research work is carried out on a network development technology, a network security system, an expert system and the like, the intelligent firewall technology, the intrusion monitoring technology and the spam network security defense are successfully implemented, and the network security is in the leading position of threats rather than reacting to the threats. At present, in the monitoring and research of network security risks, achievements obtained from existing computer networks and industrial control networks are usually adopted, and in the design process of a network system, conventional network security equipment such as a firewall, an intrusion detection system, network isolation equipment and the like is introduced to ensure the security of the network system, but the security risks of a complex network cannot be monitored in an all-round, high-precision and rapid manner.
Disclosure of Invention
The invention mainly provides a detection method of an artificial intelligence technology in network security, which is used for solving the technical problems in the background technology.
The technical scheme adopted by the invention for solving the technical problems is as follows:
a detection method of artificial intelligence technology in network security comprises the following steps:
(1) acquiring a network security data set, carrying out numerical, normalized and normalized processing on the network security data set contained in the network security data set, and converting text data into readable information of a neural network;
(2) processing the network security data set after the numeralization, normalization and normalization processing by using artificial intelligence to obtain a classification data set;
(3) optimizing the neural network according to the network safety data and the corresponding classification data set to obtain a risk detection neural network;
(4) performing classification detection on network data according to the neural network,
the network safety risk monitoring experiment platform under the network environment is constructed based on the virtual network system by utilizing the artificial intelligence technology, the safety risk of the complex network is monitored in an all-round, high-precision and rapid manner, and the safety of the network system is improved.
Further, the processing of the network security number set by numeralization, normalization and normalization includes:
(1) deleting the types of data with a large proportion number in the redundant data in the network security data set, reducing data redundancy and realizing balance among different types of data;
(2) digitizing text data in the network security data set, and representing different text data by using set numerical values;
(3) and normalizing the protocol type, the normal or wrong connection state and the byte number numerical attribute of the data from the source host to the target host in the network security data set.
Further, the artificial intelligence system inputs data in the artificial immune system data set to be extracted, and the data extracted by the artificial immune system is used for outputting a classification data set to be optimized and adjusted, so that a risk detection neural network is obtained.
Further, the artificial intelligence system detects the following:
(1) carrying out data detection on the mail system, the firewall system and the intrusion detection system;
(2) classifying the data detected by the mail system, the firewall system and the intrusion detection system by using an expert system;
(3) the expert system classifies the data to obtain a filtering data set and an optimizing data set;
(4) and the data of the optimized data set is used for outputting a classified data set to carry out optimization adjustment so as to obtain a risk detection neural network.
Further, the risk detection neural network detects the following:
(1) the preprocessing unit is used for acquiring the network security data set, carrying out numerical, normalized and normalized processing on the network security data contained in the network security data set, and converting text data into readable information of the neural network;
(2) the neural network unit is used for the neural network of the artificial intelligence system to train the normalized and normalized network security data set to obtain a classified data set;
(3) the optimization unit is used for optimizing and adjusting the neural network according to the network security data set and the corresponding classification data set to obtain a risk monitoring neural network;
(4) and the monitoring unit is used for carrying out classified monitoring on the network data according to the network safety neural network.
Compared with the prior art, the invention has the beneficial effects that:
according to the network security risk monitoring method and device, the problem that the traditional network security monitoring device and method are poor in applicability is adopted, the network security monitoring and identifying precision is improved, the network intrusion behavior is identified quickly and accurately, meanwhile, an artificial intelligence technology is utilized, a network security risk monitoring experiment platform under a network environment is constructed based on a virtual network system, the security risk of a complex network is monitored comprehensively, accurately and quickly, and the security of the network system is improved.
The present invention will be explained in detail below with reference to the drawings and specific embodiments.
Drawings
FIG. 1 is a schematic diagram of the network security detection principle of the present invention;
FIG. 2 is a schematic diagram of the artificial intelligence data normalization processing result structure according to the present invention;
fig. 3 is a schematic structural diagram of the cyber-security risk monitoring system according to the present invention.
Detailed Description
In order to facilitate an understanding of the invention, the invention will now be described more fully hereinafter with reference to the accompanying drawings, in which several embodiments of the invention are shown, but which may be embodied in different forms and not limited to the embodiments described herein, but which are provided so as to provide a more thorough and complete disclosure of the invention.
It will be understood that when an element is referred to as being "secured to" another element, it can be directly on the other element or intervening elements may be present, and when an element is referred to as being "connected" to another element, it can be directly connected to the other element or intervening elements may also be present, as the terms "vertical", "horizontal", "left", "right" and the like are used herein for descriptive purposes only.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs, and the knowledge of the terms used herein in the specification of the present invention is for the purpose of describing particular embodiments and is not intended to limit the present invention, and the term "and/or" as used herein includes any and all combinations of one or more of the associated listed items.
Referring to fig. 1-3, a method for detecting the artificial intelligence technology in the network security includes the following steps:
(1) acquiring a network security data set, carrying out numerical, normalized and normalized processing on the network security data set contained in the network security data set, and converting text data into readable information of a neural network;
(2) processing the network security data set after the numeralization, normalization and normalization processing by using artificial intelligence to obtain a classification data set;
(3) optimizing the neural network according to the network safety data and the corresponding classification data set to obtain a risk detection neural network;
(4) carrying out classification detection on network data according to the neural network;
the network security number set is subjected to numeralization, normalization and normalization processing, and the processing comprises the following steps:
(1) deleting the types of data with a large proportion number in the redundant data in the network security data set, reducing data redundancy and realizing balance among different types of data;
(2) digitizing text data in the network security data set, and representing different text data by using set numerical values;
(3) normalizing the protocol type, the normal or wrong connection state and the byte number numerical attribute of the data from the source host to the target host in the network security data set;
the artificial intelligence system inputs data extracted from an artificial immune system data set, the data extracted from the artificial immune system is used for outputting a classified data set to perform optimization adjustment, and a risk detection neural network is obtained, wherein the artificial intelligence system detects the following steps:
(1) carrying out data detection on the mail system, the firewall system and the intrusion detection system;
(2) classifying the data detected by the mail system, the firewall system and the intrusion detection system by using an expert system;
(3) the expert system classifies the data to obtain a filtering data set and an optimizing data set;
(4) the data of the optimized data set is used for outputting a classified data set to carry out optimization adjustment so as to obtain a risk detection neural network;
the risk detection neural network detects as follows:
(1) the preprocessing unit is used for acquiring the network security data set, carrying out numerical, normalized and normalized processing on the network security data contained in the network security data set, and converting text data into readable information of the neural network;
(2) the neural network unit is used for the neural network of the artificial intelligence system to train the normalized and normalized network security data set to obtain a classified data set;
(3) the optimization unit is used for optimizing and adjusting the neural network according to the network security data set and the corresponding classification data set to obtain a risk monitoring neural network;
(4) the monitoring unit is used for carrying out classified monitoring on the network data according to the network safety neural network;
the network safety risk monitoring experiment platform under the network environment is constructed based on the virtual network system by utilizing the artificial intelligence technology, the safety risk of the complex network is monitored in an all-round, high-precision and rapid manner, and the safety of the network system is improved.
The invention is described above with reference to the accompanying drawings, it is obvious that the invention is not limited to the above-described embodiments, and it is within the scope of the invention to adopt such insubstantial modifications of the inventive method concept and solution, or to apply the inventive concept and solution directly to other applications without modification.

Claims (5)

1. A detection method of artificial intelligence technology in network security is characterized by comprising the following steps:
(1) acquiring a network security data set, carrying out numerical, normalized and normalized processing on the network security data set contained in the network security data set, and converting text data into readable information of a neural network;
(2) processing the network security data set after the numeralization, normalization and normalization processing by using artificial intelligence to obtain a classification data set;
(3) optimizing the neural network according to the network safety data and the corresponding classification data set to obtain a risk detection neural network;
(4) and carrying out classification detection on the network data according to the neural network.
2. The method for detecting the network security of the artificial intelligence technology according to claim 1, wherein the digitizing, normalizing and normalizing the network security number set comprises:
(1) deleting the types of data with a large proportion number in the redundant data in the network security data set, reducing data redundancy and realizing balance among different types of data;
(2) digitizing text data in the network security data set, and representing different text data by using set numerical values;
(3) and normalizing the protocol type, the normal or wrong connection state and the byte number numerical attribute of the data from the source host to the target host in the network security data set.
3. The method of claim 1, wherein the artificial intelligence system inputs data extracted from the data set of the artificial immune system, and the data extracted from the artificial immune system is used to output the classified data set for optimization and adjustment, so as to obtain the risk detection neural network.
4. The method for detecting artificial intelligence technology in network security according to claim 3, wherein the artificial intelligence system detects the following:
(1) carrying out data detection on the mail system, the firewall system and the intrusion detection system;
(2) classifying the data detected by the mail system, the firewall system and the intrusion detection system by using an expert system;
(3) the expert system classifies the data to obtain a filtering data set and an optimizing data set;
(4) and the data of the optimized data set is used for outputting a classified data set to carry out optimization adjustment so as to obtain a risk detection neural network.
5. The method for detecting artificial intelligence technology in network security according to claim 1, wherein the risk detection neural network detects the following:
(1) the preprocessing unit is used for acquiring the network security data set, carrying out numerical, normalized and normalized processing on the network security data contained in the network security data set, and converting text data into readable information of the neural network;
(2) the neural network unit is used for the neural network of the artificial intelligence system to train the normalized and normalized network security data set to obtain a classified data set;
(3) the optimization unit is used for optimizing and adjusting the neural network according to the network security data set and the corresponding classification data set to obtain a risk monitoring neural network;
(4) and the monitoring unit is used for carrying out classified monitoring on the network data according to the network safety neural network.
CN202110339996.9A 2021-03-30 2021-03-30 Method for detecting artificial intelligence technology in network security Pending CN113128571A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110339996.9A CN113128571A (en) 2021-03-30 2021-03-30 Method for detecting artificial intelligence technology in network security

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110339996.9A CN113128571A (en) 2021-03-30 2021-03-30 Method for detecting artificial intelligence technology in network security

Publications (1)

Publication Number Publication Date
CN113128571A true CN113128571A (en) 2021-07-16

Family

ID=76774613

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110339996.9A Pending CN113128571A (en) 2021-03-30 2021-03-30 Method for detecting artificial intelligence technology in network security

Country Status (1)

Country Link
CN (1) CN113128571A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080172347A1 (en) * 2007-01-15 2008-07-17 Andrew Bernoth Method and sysem for utilizing an expert system to determine whether to alter a firewall configuration
CN102130783A (en) * 2011-01-24 2011-07-20 浪潮通信信息系统有限公司 Intelligent alarm monitoring method of neural network
CN102195975A (en) * 2011-04-08 2011-09-21 上海电机学院 Intelligent NIPS (Network Intrusion Prevention System) framework for quantifying neural network based on mobile agent (MA) and learning vector
CN105930347A (en) * 2016-04-05 2016-09-07 浙江远传信息技术股份有限公司 Text analysis based power outage cause recognition system
CN111935134A (en) * 2020-08-06 2020-11-13 中国交通通信信息中心 Complex network security risk monitoring method and system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080172347A1 (en) * 2007-01-15 2008-07-17 Andrew Bernoth Method and sysem for utilizing an expert system to determine whether to alter a firewall configuration
CN102130783A (en) * 2011-01-24 2011-07-20 浪潮通信信息系统有限公司 Intelligent alarm monitoring method of neural network
CN102195975A (en) * 2011-04-08 2011-09-21 上海电机学院 Intelligent NIPS (Network Intrusion Prevention System) framework for quantifying neural network based on mobile agent (MA) and learning vector
CN105930347A (en) * 2016-04-05 2016-09-07 浙江远传信息技术股份有限公司 Text analysis based power outage cause recognition system
CN111935134A (en) * 2020-08-06 2020-11-13 中国交通通信信息中心 Complex network security risk monitoring method and system

Similar Documents

Publication Publication Date Title
CN106790256B (en) Active machine learning system for dangerous host supervision
CN105704103B (en) Modbus TCP communication behavior abnormity detection method based on OCSVM double-contour model
CN101937445B (en) Automatic file classification system
Wang et al. An exhaustive research on the application of intrusion detection technology in computer network security in sensor networks
CN107391598A (en) One kind threatens information automatic generation method and system
CN111598179B (en) Power monitoring system user abnormal behavior analysis method, storage medium and equipment
CN110879881B (en) Mouse track recognition method based on feature component hierarchy and semi-supervised random forest
CN106845220B (en) Android malicious software detection system and method
CN114491524A (en) Big data communication system applied to intelligent network security
CN113067798B (en) ICS intrusion detection method and device, electronic equipment and storage medium
CN107341371A (en) A kind of script control method suitable for web configurations
CN106644035B (en) Vibration source identification method and system based on time-frequency transformation characteristics
Harbola et al. Improved intrusion detection in DDoS applying feature selection using rank & score of attributes in KDD-99 data set
Arora et al. Improvement in the performance of deep neural network model using learning rate
CN109885092B (en) Unmanned aerial vehicle flight control data identification method
CN113128571A (en) Method for detecting artificial intelligence technology in network security
CN107609409A (en) A kind of big data analysis system using computer verification code technology
CN111899138A (en) Teaching behavior analysis system and method based on big data
Tang et al. Association Analysis of Abnormal Behavior of Electronic Invoice Based on K-Means and Skip-Gram
CN201796362U (en) Automatic file classifying system
CN114969761A (en) Log anomaly detection method based on LDA theme characteristics
KR102357630B1 (en) Apparatus and Method for Classifying Attack Tactics of Security Event in Industrial Control System
Lasky et al. Machine Learning Based Approach to Recommend MITRE ATT&CK Framework for Software Requirements and Design Specifications
CN114398887A (en) Text classification method and device and electronic equipment
CN113114664A (en) Abnormal flow detection system and method based on hybrid convolutional neural network

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination