Network traffic detection method and device, equipment and storage medium
Format: | Patent |
---|---|
Language: | chi ; eng |
Summary: | The invention discloses a network traffic detection method, device and equipment and a storage medium, which are applied to the field of network security, and the method comprises the following steps: capturing a data packet in network traffic in real time by using an eBPF-based XDP; writing the data packet into a pcap file; detecting a data packet in the pcap file by using a detection model trained based on unsupervised training to obtain a detection result; and when the detection result is abnormal, outputting corresponding abnormal information. According to the invention, an unsupervised detection method based on deep learning is adopted, the use of a large-scale and labeled data set for training is avoided, and the real-time efficiency of network intrusion detection is improved; and the flow is collected by adopting an eBPF-based XDP method, the flow is processed before reaching a memory, and a data packet is directly transmitted to a kernel mode, so that the timeliness of network flow detection is ensure |
---|