摘要
将移动运营商核心网络中的故障点定位到设备和端口需要分析大量数据样本,耗时较长。针对该问题,提出一种以历史数据为参照的异常流量检测方法。构建历史流量数据库,在此基础上利用短时的面积特征与梯度特征刻画网络的流量行为,及时发现异常流量,并设计分级多粒度方法定位造成异常流量的故障点。实验结果表明,与自适应阈值法、K-means聚类法和多维熵法相比,该方法能取得较好的在线异常流量检测效果,准确定位出现故障及异常流量的设备及端口。
To locate the fault points in the core network of mobile operators, previous methods require too many data samples which need long time to find the fault points. Aiming at this problem, this paper proposes an abnormal traffic detection method using the historical data as reference. It establishes a database containing historical traffic data. On this basis, it uses the surface feature and gradient features in short term to describe traffic behaviors of network, so as to detect the abnormal traffic in time. Meanwhile,it proposes a hierarchical and multi-granularity method to find the fault points that lead to the anomalous traffic. Experimental results demonstrate that, compared with adaptive threshold method, K- means clustering method and multidimensional entropy method, the proposed method can not only perform better in online abnormal traffic detection,but also locate the equipments and points that have faluts and abnormal traffic more accurately.
出处
《计算机工程》
CAS
CSCD
北大核心
2017年第12期73-77,共5页
Computer Engineering
基金
中国移动通信集团湖北有限公司TD-SCDMA联合创新实验室项目"基于大数据流量建模的分组域核心网运维方法研究"(HBMC-3510-JS-JSZX-2015-1197)
关键词
网络流量
历史特征
异常流量检测
流量行为
短时特征
network traffic
historical feature
abnormal traffic detection
traffic behavior
short-term feature
