
Micro-cluster-based online network abnormal detection method

Cited by: 1
Abstract: Online anomaly detection for high-traffic backbone networks is currently a research hotspot in network security. This paper proposes an online network anomaly detection method that handles big data streams effectively. The method uses a density-based clustering algorithm to convert the big data stream into micro-clusters; the micro-clusters then absorb the incoming data stream directly, which improves processing efficiency. An outlier detection algorithm is invoked at regular intervals to find attack behavior. The method does not require offline training, can discover arbitrary clusters, supports big data streams, can balance detection precision against system resource requirements, and has high processing efficiency. In the experiment, the prototype system finishes the analysis of the 2000 MIT Lincoln Laboratory LLS_DDOS_1.0 data set in 20 s, with an 82% detection rate (TPR) and a 6% false positive rate (FPR), which is equivalent to K-means.
Source: Computer Engineering and Applications (《计算机工程与应用》), CSCD, 2013, No. 6, pp. 86-90 (5 pages)
Funding: National Natural Science Foundation of China (No. 61070237, No. 61073156)
Keywords: density-based clustering; micro-cluster; data stream; outlier detection