摘要
为了解决网络用户流量行为描述维度过高,且在海量网络用户流量行为数据中分析单用户流量行为比较困难的问题,提出一种基于流量监测的异常流量时间定位和用户定位方法.首先,基于网络流量特性提出一个较为完备的特征集,对网络用户流量行为进行全面描述.其次,提出一种基于偏离距离的特征选择规则,选择出适合于海量网络用户流量行为分析的优化特征集,实现网络用户异常流量行为的快速时间定位.最后,在异常流量行为发生时刻对单用户流量行为进行分析,从而定位发生异常流量行为的用户.实验结果表明,本系统对网络用户异常流量行为具有较好的检测效果.
To overcome the lack of description dimension to network user systematic definition of network user's traffic behavior, high ' s traffic behavior and long time to analyze single network user' s traffic behavior from massive network data, a method of establishing user' s traffic behavior analysis system based on network traffic monitoring was proposed. First, a more complete feature set based on the characteristic of network traffic to describe network user' s traffic behavior was established. Second, a feature selection rule based on the deviation distance was proposed to select the optimized feature set for the analysis of massive users' traffic behavior and locate abnormal moment rapidly. Finally, the single network user's traffic behavior to locate the abnormal users who produce abnormal traffic behavior was analyzed. Results show that the system has an excellent detection of the abnormal user' s traffic behavior.
出处
《北京工业大学学报》
CAS
CSCD
北大核心
2013年第11期1692-1699,共8页
Journal of Beijing University of Technology
基金
北京市自然科学基金资助项目(4123093)
北京市高等学校人才强教深化计划\中青年骨干人才培养计划资助项目(PHR201108016)
关键词
用户流量行为
流量监测
特征集
特征选择
user's traffic behavior
traffic monitoring
feature set
feature selection
