基于模糊聚类的网络异常流量检测算法研究  被引量：4

作　　者：翟建丽[1] 王映丽 Zhai Jianli;Wang Yingli(Huali College Guangdong University of Technology, Guangdong Guangzhou 511325, China;Guangzhou Huali Science and Technology Vocational College, Guangdong Guangzhou 511325, China)

机构地区：[1]广东工业大学华立学院,广州511325 [2]广州华立科技职业学院,广州511325

出　　处：《电子测量技术》2019年第16期172-176,共5页Electronic Measurement Technology

摘　　要：为了提高异构有向传感器网络异常流量检测能力,提出一种基于模糊聚类的异构有向传感器网络异常流量检测算法。对采集的异构有向传感器网络传输数据进行低维度的特征集构造,构建异构有向传感器网络异常流量分布的粗糙集模型,对网络的异常流量特征集采用自适应回归分析方法进行统计特征量提取,以少量的样本类别数据为测试集,采用模糊C均值聚类方法对异构有向传感器网络异常流量进行向量量化分析,对全部的异常样本进行抽样训练,提取异构网络异常流量的高阶谱特征量,将异构有向传感器网络异常流量的特征提取结果输入到BP神经网络分类器中进行数据分类,结合大数据融合聚类方法实现异构有向传感器网络异常流量检测。仿真结果表明,采用该方法进行异构有向传感器网络异常流量检测的准确性较高,抗异常流量干扰能力较好,提高了网络的流量安全监控能力。In order to improve the detection ability of heterogeneous directed sensor networks, an anomaly detection algorithm based on fuzzy clustering for heterogeneous directed sensor networks is proposed. Based on the low dimensional feature set structure of the collected heterogeneous sensor network data, the rough set model of abnormal traffic distribution in heterogeneous directed sensor network is constructed. An adaptive regression analysis method is used to extract the statistical feature of the abnormal traffic feature set of the network, and a small amount of sample class data is used as the test set. The fuzzy C-means clustering method is used to analyze the abnormal traffic of heterogeneous directed sensor networks by vector quantization. All abnormal samples are sampled and trained to extract the higher-order spectral characteristic of abnormal traffic in heterogeneous networks. The feature extraction results of heterogeneous directed sensor networks are input into the BP neural network classifier for data classification, and big data fusion clustering method is used to detect the abnormal traffic in heterogeneous directed sensor networks. The simulation results show that the proposed method is accurate in detecting abnormal traffic in heterogeneous directed sensor networks and has a better ability to resist the interference of abnormal traffic, thus improving the traffic security monitoring ability of the network.

关 键 词：模糊聚类 有向传感器网络 异常流量 检测算法 

分 类 号：TP393[自动化与计算机技术—计算机应用技术] TN919[自动化与计算机技术—计算机科学与技术]