基于特征约简与多层极限学习机的网络流量异常检测  被引量:3

Network traffic anomaly detection based on feature reduction and multi-layer extreme learning machine

在线阅读下载全文

作  者:丁建立[1] 刘亦舟 梁婷婷 DING Jianli;LIU Yizhou;LIANG Tingting(College of Computer Science and Technology,Civil Aviation University of China,Tianjin 300300,China)

机构地区:[1]中国民航大学计算机科学与技术学院,天津300300

出  处:《现代电子技术》2022年第5期84-89,共6页Modern Electronics Technique

基  金:国家自然科学基金项目(U1833114)。

摘  要:针对网络流量异常检测目前存在的数据维度大、冗余数据较多、准确率较低等问题,提出一种基于层次聚类和自编码器并结合多层极限学习机的网络流量异常检测模型。首先考虑数据特征之间的相关性,根据数据特征之间的相似性距离对特征维度进行层次聚类划分,将相关性较高的特征划分到同一特征子集中;然后利用自动编码器对每个特征子集进行约简,消除冗余信息降低检测数据计算量;最后以多层极限学习机作为分类器,利用约简后的特征数据进行网络流量异常检测建模。实验结果显示,文中模型在UNSW-NB15数据集上准确率达到了0.992,精确率达到了0.997。与其他检测方法相比,文中方法可以有效地约简数据特征,提高了检测的准确率和网络流量异常检测的性能。In view of the large data dimensions,more redundant data and low accuracy existing in the current network traffic anomaly detection,a network traffic anomaly detection model based on hierarchical clustering and autoencoder and combined with multi-layer extreme learning machine(ELM)is proposed,in which the correlation between data features is taken into account. According to the similarity distance between the data features,the feature dimensions are subjected to hierarchical clustering division,and the features with higher correlation are classified into the same feature subset,and then the autoencoder is used to reduce each feature subset,so as to eliminate redundant information and reduce the calculation amount of detection data. Finally,the multi-layer ELM is used as a classifier,and the reduced feature data is used to achieve modeling of network traffic anomaly detection. The experimental results show that the proposed model has accuracy of 0.992 and precision of 0.997 on the UNSW-NB15 data set. In comparison with the other detection methods,the proposed method can effectively reduce data features,improve the accuracy of detection and the performance of network traffic anomaly detection.

关 键 词:网络流量 异常检测 多层极限学习机 层次聚类 特征约简 冗余信息消除 

分 类 号:TN711-34[电子电信—电路与系统] TP3[自动化与计算机技术—计算机科学与技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象