METHOD AND DEVICE FOR DETECTING SECURITY BASED ON MACHINE LEARNING IN COMBINATION WITH RULE MATCHING

    Publication No.: US20220368703A1

    Publication Date: 2022-11-17

    Application No.: US17761861

    Filing Date: 2020-03-18

    Abstract: A method for detecting security based on machine learning in combination with rule matching is provided, including: establishing a machine learning model; training the machine learning model by using a labeled legal traffic and a labeled malicious traffic; collecting a network traffic; preprocessing the collected network traffic; detecting a malicious traffic from the preprocessed network traffic by using a rule-matching-based method; identifying a malicious traffic from the preprocessed network traffic by using the trained machine learning model, including: extracting a feature of the preprocessed network traffic, and identifying the malicious traffic based on the extracted feature by using the trained machine learning model; and integrating the malicious traffic detected by the rule-matching-based method and the malicious traffic identified by the trained machine learning model.
