Large-Scale Network Abnormal Reading Detection Method Based on Log Information


Authors: XUE Ying [1]; JIN Jing-feng

Affiliations: [1] Shaanxi Police Officer Vocational College, Xi'an, Shaanxi 710021, China; [2] Equipment Project Management Center of Army Equipment Department, Beijing 100072, China

Source: Computer Simulation (《计算机仿真》), 2022, No. 10, pp. 420-424 (5 pages)

Abstract: Aiming at the problem that the large scale of data in log information is not conducive to abnormal reading detection, a large-scale network abnormal reading detection method based on log information is proposed. Abstract algorithms are introduced to merge log information in different formats and extract the unified network events from it, so as to obtain fused log information, remove redundant data and reduce the computational burden. The dimensionality of the log information is reduced to obtain low-dimensional data for subsequent detection. Combining the temporal correlation of network readings with the spatial correlation of adjacent network readings, detection is carried out in phases to complete the detection of large-scale network abnormal readings. The experimental results show that the proposed method can effectively improve the detection rate and detection accuracy, reduce the false alarm rate, and save detection time, which indicates that the method has a good detection effect.

Keywords: log information; abnormal reading; information fusion; information dimensionality reduction; spatio-temporal correlation

Classification code: TP212.9 [Automation and Computer Technology: Detection Technology and Automation Devices]

 
