| 基于智能算法协同的铁路网络加密流量智能监测系统研究 |
| |
| 引用本文: | 尹虹,赵闪,李泽,王蕊,岳超.基于智能算法协同的铁路网络加密流量智能监测系统研究[J].铁路计算机应用,2022,31(10):6-9. |
| |
| 作者姓名: | 尹虹 赵闪 李泽 王蕊 岳超 |
| |
| 作者单位: | 1.中国铁道科学研究院集团有限公司 电子计算技术研究所,北京 100081 |
| |
| 基金项目: | 中国国家铁路集团有限公司科研开发计划重点课题(N2020W006) |
| |
| 摘 要: | 针对铁路网络安全需求中加密威胁难检测,加密业务与加密流量监管困难的现状,特别是加密流量分析粒度不够,技术支撑性不足等问题,设计了由数据获取子系统、特征建模子系统、智能分析子系统、配置管理子系统组成的基于智能算法协同的铁路网络加密流量智能监测系统,阐述了基于两阶段长短期记忆(LSTM,Long Short-Term Memory)网络的加密流量异常识别、基于Elmo+LSTM+SelfAttention模型的加密流量应用类型识别关键技术。该系统有助于提升加密流量监测技术水平、增强铁路网络安全综合防御能力,也为未来铁路领域网络与信息系统安全运行维护提供了技术支撑。
|
| 关 键 词: | 加密流量监测 人工智能 铁路网络 智能监测系统 机器学习 |
| 收稿时间: | 2022-04-27 |
Railway network encrypted traffic intelligent monitoring system based on intelligent algorithm cooperation |
| |
| Affiliation: | 1.Institute of Computing Technologies, China Academy of Railway Sciences Corporation Limited, Beijing 100081, China2.Xingtang Telecommunications Technology Co. Ltd., Beijing 100191, China3.General Office, CHINA RAILWAY, Beijing 100844, China |
| |
| Abstract: | Aiming at the current situation of difficult detection of encrypted threats and difficulties in the supervision of encrypted services and encrypted traffic in railway network security requirements, especially the problems such as insufficient granularity of encrypted traffic analysis and insufficient technical support. This paper designed a railway network encrypted traffic intelligent monitoring system based on intelligent algorithm collaboration, which was composed of data acquisition subsystem, feature modeling subsystem, intelligent analysis subsystem and configuration management subsystem, and described the key technologies of application type identification of encrypted traffic based on the Elmo+LSTM+Self-Attention model and exception identification of encrypted traffic based on two-stage Long Short-Term Memory(LSTM) network. The system helps to improve the encrypted traffic monitoring technology, enhance the comprehensive defense capability of railway network security, and also provides technical support for the safe operation and maintenance of the network and information system in the future railway field. |
| |
| Keywords: | |
|
| 点击此处可从《铁路计算机应用》浏览原始摘要信息 |
|
点击此处可从《铁路计算机应用》下载全文 |
|
