摘要
随着移动互联网的蓬勃发展,Web应用已经广泛深入各行各业。针对Web应用的攻击已成为企业面临的主要安全问题之一。面对日益增加的Web应用攻击,传统基于规则的安全产品难以实现对未知威胁的拦截,且随着规则的逐渐增加,将严重影响安全产品的性能。因此,研究多分类检测模型,实现模型对威胁数据的识别检测,并通过模型优化及真实环境数据进行对比验证。结果证明,基于随机森林及lightGBM算法构建的多分类模型,在多分类模型的评估指标上优于基于SVM的多分类检测模型,能够达到理想的检测效果。
With the vigorous development of the mobile Internet,Web applications have been widely penetrated into all walks of life.Attacks on web applications have become one of the main security issues facing enterprises.In the face of increasing web application attacks,it is difficult for traditional rule-based security products to block unknown threats,and with the gradual increase of rules,it will seriously affect the performance of security products.This paper explores the multi-class detection model and realizes the recognition and detection of threat data by the model.It is verified by model optimization and comparison with real environmental data.The results prove that the multi-classification model based on random forest and lightGBM algorithm is superior to the multi-class detection model based on SVM in the evaluation index of multi-classification model,and can achieve the ideal detection effect.
作者
杨成刚
YANG Chenggang(Mianyang Human Resources and Social Information Center,Mianyang Sichuan 621000)
出处
《通信技术》
2021年第4期967-975,共9页
Communications Technology
关键词
机器学习
威胁检测
特征提取
多分类模型
machine learning
threat detection
feature extraction
multi-class model
