基于大语言模型的网络攻击检测技术研究进展OA
Research Progress on Detection Technologies for Network Attack Based on Large Language Model
大语言模型凭借其强大的特征学习能力、对复杂模式的识别能力以及泛化能力等优势,为网络攻击检测开辟了新的有效途径.首先阐述大语言模型在网络攻击检测中的技术优势,并提出相应的技术框架.然后结合现有文献,从原始安全数据处理、威胁特征提取、关联分析及目标环境威胁识别3个维度介绍了大语言模型在网络攻击检测中的应用现状,并剖析了基于大语言模型进行网络威胁检测时存在的问题与挑战.最后分析了基于大语言模型的网络攻击检测技术的未来研究方向.旨在为网络安全领域进一步发展基于大语言模型的网络攻击检测技术提供参考.
Large language model(LLM),with its powerful feature learning ability,the ability to recognize complex patterns,and generalization ability,has paved the way for innovative and powerful methods in network attack detection.Firstly,this paper elaborates on the technical advantages of LLM in network attack detection and proposes a corresponding technical framework.Then,drawing on existing literature,the application status of LLM in network attack detection is reviewed from three aspects:processing original security data,extracting threat features,correlation analysis,and identifying threats in the target environment.Furthermore,the problems and challenges associated with network threat detection using LLM are analyzed.Lastly,the paper outlines the future research directions for network attack detection technology leveraging LLM.This paper aims to provide references for the further development of network attack detection technology based on LLM in the field of network security.
Chen Shiwu;Jin Gang;Wang Wei;Yang Yu
Beijing Topsec Network Security Technology Co.,Ltd.,Beijing 100193Beijing Topsec Network Security Technology Co.,Ltd.,Beijing 100193Beijing Topsec Network Security Technology Co.,Ltd.,Beijing 100193Beijing Topsec Network Security Technology Co.,Ltd.,Beijing 100193
信息技术与安全科学
大语言模型网络流量分析威胁特征提取网络攻击检测关联分析
large language modelnetwork traffic analysisthreat feature extractionnetwork attack detectioncorrelation analysis
《信息安全研究》 2026 (1)
16-23,8
评论