
Adaptive Flow Sampling Algorithm Based on Sampled Packets and Force Sampling Threshold S Towards Anomaly Detection (cited by: 3)
Abstract: Traffic measurement and anomaly detection for high-speed IP networks are active research topics in the network measurement field. Current traffic measurement algorithms have low estimation accuracy for small (mice) flows and a poor ability to select anomalous traffic. To address these shortcomings, this paper proposes an Adaptive Flow sampling algorithm based on the sampled Packets of a flow and a force (full) sampling Threshold S (AFPT). AFPT uses the force sampling threshold S to select the mice flows that are sensitive to anomalous traffic, and adaptively adjusts the sampling probability according to the number of packets already sampled from each flow. Simulation and experimental results show that the estimation error of AFPT is consistent with the theoretical upper bound, that the algorithm has a strong ability to select anomalous traffic, and that it can effectively improve the accuracy of anomaly detection algorithms.
Source: Journal of Electronics & Information Technology (《电子与信息学报》; indexed in EI, CSCD, Peking University Core), 2015, No. 7, pp. 1606-1611 (6 pages)
Funding: Supported by the National 973 Program of China (2012CB315901, 2013CB329104)
Keywords: Network measurement; Adaptive flow sampling; Anomaly detection