
Multiple time series data mining approach of large-scale IP network abnormal traffic feature analysis

Cited by: 2
Abstract: This paper proposes a multiple time series data mining method for analyzing traffic anomaly features in large-scale communication networks. The time series formed by multiple network traffic feature parameters are analyzed as a whole, and multiple time series data mining is applied to them to produce valid association rules related to abnormal network traffic, which accurately characterize the security threat situation of the entire communication network. Experiments with Abilene network NetFlow data verify the method.
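Source: Application Research of Computers (《计算机应用研究》), CSCD, Peking University Core Journal, 2011, No. 3, pp. 1130-1132, 1154 (4 pages in total)
Funding: National Natural Science Foundation of China (60872033); Science and Technology Project of the Chongqing Municipal Education Commission (KJ092503)
Keywords: symbolic time series analysis; independent component analysis; multiple time series data mining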