Inventi Impact: Computer Networks & Communications

Inventi:ecnc/45545/22

MAE-CAD: An IP-Based Core Network Asset Discovery Technology Based on Multiple Autoencoders

With the continuous development of the network, the number of network assets continues to increase. Despite the convenience diversified network assets bring, it also poses new challenges to IP-based network asset management. Traditional asset discovery technologies mainly analyze network traffic, and detect relevant information (operating system, running software, etc.) of IPbased assets through methods such as active discovery, passive discovery, and discovery methods based on cyberspace search engines. These methods assign the same weight to all network IP-based network assets, and it is difficult to effectively analyze diversified network assets. In this paper, we propose the concept of IP-based core network assets, and collect the data of the relevant network assets based on this concept. Then, we construct a dataset and establish feature engineering for data preprocessing. As there is currently no relevant IP-based core network asset detection method, we propose an IP-based core network asset discovery technology based on pretraining of multiple autoencoders, MAE-CAD. The results show that our method can achieve 95.74% in Acc and 95.04% in F1 in the experimental environment (Acc  98.11% and F1  97.16% in the actual network environment because of duplicate samples). In addition, MAE-CAD has excellent robustness. In an environment where the proportion of data is extremely unbalanced, when the IP-based core network asset data in the training set only accounts for 1/200 (0.5%), MAE-CAD can still obtain 92.91% in Acc and 91.57% in F1.