Network Traffic Anomaly Detection Based on Time-Series Graph Mining  Cited by: 9

Network Traffic Anomaly Detection Based on Data Mining in Time-series Graph


Authors: 周颖杰[1] 胡光岷[1] 贺伟淞[1]

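Affiliation: [1] Key Laboratory of Broadband Optical Fiber Transmission and Communication Networks, University of Electronic Science and Technology of China, Chengdu 610054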

Source: Computer Science (《计算机科学》), 2009, No. 1, pp. 46-50, 5 pages in total

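Funding: Supported by the National Natural Science Foundation of China (60572092) and the Ministry of Education "Program for New Century Excellent Talents in University" (NCET-07-0148)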

Abstract: Comprehensive collection of information and accurate description of traffic information are among the core problems in network traffic anomaly detection. To address the shortcomings of existing network traffic anomaly detection methods in analyzing multiple time series, we propose a traffic anomaly detection method based on graph mining. The method uses a time-series graph to describe, accurately and completely, the relationships among the multiple time series used for traffic anomaly detection. By support counting of itemset patterns, it mines the various frequent itemset patterns, which helps detect many kinds of abnormal traffic effectively. By mining the relationships among the itemsets, it introduces weight coefficients for the itemsets, which solves the problem of quantifying the relationships among multiple time series in traffic anomaly detection. Simulation results show that the method can effectively detect network traffic anomalies, and that its detection of DDoS attacks is clearly better than that of a detection method based on the continuous wavelet transform (CWT).

Keywords: network traffic anomaly detection; multiple time series; graph mining

Classification number: TP393.08 [Automation and Computer Technology: Computer Application Technology]

 
