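Author: ZHANG Luqing (张路青) (Office of Military Representatives in Electro-optical System of South Central China, Wuhan 430223)
Affiliation: [1] Office of Military Representatives in Electro-optical System of South Central China, Wuhan 430223
Source: Ship Electronic Engineering (《舰船电子工程》), 2018, No. 9, pp. 105-110 (6 pages)
Abstract: With the rapid development of Web 2.0 technology, network security has become an increasingly prominent concern. Detecting malicious attack behavior by mining Web log data has become an important technique in network information security research. The Web log analysis systems currently on the market all detect attacks by feature matching; although their detection rate is fairly high, they cannot identify newly emerging attack types or attack types whose features have not yet been discovered. In-depth research into mining malicious attack behavior from massive logs therefore has strong theoretical significance and practical value. The paper studies in depth the definition of distance and the definition of abnormality degree in clustering algorithms, proposes a constrained clustering method that partitions the HTTP requests in Web logs into clusters, and finally, drawing on statistical ideas, proposes an approximately normal distribution detection model and gives a Web attack data mining algorithm based on the abnormality degree of outliers. Experimental verification shows that the algorithm can effectively find attack data in Web logs, raising the detection rate and lowering the false alarm rate.

English abstract: With the rapid development of Web 2.0 technology, Web log analysis has become an important technology in network information security. Most Web log analysis systems on the market are based on feature matching technology to achieve aggressive behavior detection. Although the feature matching technology has a high detection rate, it is difficult to detect new types of attacks and aggressive behavior which is not in the feature library. Therefore, the study of digging aggressive behavior from massive Web logs has great practical significance and application value. This thesis studied the definition of isolated points and its significance for attack data mining, and studied the definition of distance and abnormality in clustering algorithms. The thesis proposed a constrained clustering method to classify the HTTP parameters. At last, with the help of statistical thinking, the thesis proposed a similar Normal Distribution model, and a mining algorithm based on the degree of abnormal outlier. After experimental verification, this algorithm has completed the task of aggressive data mining and has a higher detection rate and a lower false alarm rate as well.
Keywords: network security; Web log analysis; data mining; cluster analysis; outliers
Classification number: TP301.6 [Automation and Computer Technology: Computer System Architecture]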