Host abnormal behavior data set feature extraction method

The invention belongs to the technical field of network security, and particularly relates to a host abnormal behavior data set feature extraction method, data in a host abnormal behavior data set is an API sequence, and the method comprises the following steps: dividing the host abnormal behavior d...

Full description

Saved in:
Bibliographic Details
Main Authors CAO ZIWEN, JIA YETAO, SUN HE, LI BOYU, PAN FAN, ZHUANG HONGLIN
Format Patent
LanguageChinese
English
Published 03.05.2024
Subjects
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online AccessGet full text

Cover

More Information
Summary:The invention belongs to the technical field of network security, and particularly relates to a host abnormal behavior data set feature extraction method, data in a host abnormal behavior data set is an API sequence, and the method comprises the following steps: dividing the host abnormal behavior data set into a training set and a test set according to a set proportion; removing labels from the data of the training set, and inputting the data into a GPT model for pre-training; finely adjusting the GPT model according to the loss function; inputting the data of the training set into the trained GPT model to obtain a characterized word embedding vector; inputting the characterized word embedding vector into a k-means model; determining the maximum cluster number of the k-means model by using a contour coefficient method, and completing the training of the k-means model; and inputting test set data into the trained GPT model and k-means model in sequence to obtain an API sequence after feature extraction. Accor
Bibliography:Application Number: CN202311804582