检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
机构地区:[1]江苏大学信息化中心,镇江212013 [2]江苏大学计算机科学与通信工程学院,镇江212013
出 处:《无线通信技术》2013年第4期21-26,共6页Wireless Communication Technology
基 金:国家自然基金项目(61005017)
摘 要:针对网络异常检测领域存在的漏报率和误报率较高的问题,提出一种基于Kmeans聚类的网络流量异常检测方法。选择了多个不同维度上的特征;计算各维特征在滑动窗口中的局部均值偏差,以保证在实时动态变化的网络中的检测准确度;利用由K-means聚类算法产生的检测模型对各维特征进行综合评判,有效地降低了漏报率和误报率。在网络流量数据集上对所提方法进行了验证并和已有方法进行了对比,所提方法在精度和效率方面取得了较好的实验效果。In order to satisfy the demands of high true positive rate and low false positive rate in network traffic anomaly detection, a method based on K - means clustering is proposed. According to the characteristie of network traffie, several features of different dimensions are selected. In order to a.chieve high accuracy in dynamic networks, local deviation from mean is calculated in the sliding window. The detection model which generated by K - means clustering algorithm is utilized to fuse multi -dimensional features to decide whether the network traffie is normal, and by such fusion it achieves low missing rate and false alarm rate. The proposed method is validated and evaluated by comparing it with existed algorithms derived from some network traffic datasets. The experiments show that the proposed method can detect attacks with high accuracy and high efficiency.
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.249