期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于在线特征选择的网络流异常检测 被引量:2

Anomaly detection in network traffic based on online feature selection
原文传递
导出
摘要 针对传统批处理特征选择方法处理大规模骨干网数据流存在时间和空间的限制,提出基于在线特征选择(online feature selection,OFS)的网络流异常检测方法,该方法将在线思想融入线性分类模型,在特征选择过程中,首先使用在线梯度下降法更新分类器,并将其限制在L1球内,然后用截断函数控制特征选择的数量。研究结果表明,提出的方法能充分利用网络流的时序性特点,同时减少检测时间且准确率和批处理方法相近,能满足网络流异常检测的实时性要求,为网络流分类和异常检测提供一种全新的思路。 Traditional batch feature selection methods had the limitations in time and space when dealing large-scale backbone network traffic. A method based on online feature selection detection was proposed to address the limitations,which integrated the idea of online learning into the linear classification model. When selecting the features,the classifier was first updated by online gradient descent and projected to a L1 ball to ensure that the norm of the classifier is bounded,and then the truncate function was used to control the quantity of features. The analysis results showed that the proposed method could make a good use of the time-sequence property of traffic,reduce the time of anomaly detection and hold the similar accuracy when comparing with the batch methods,and meet the real-time demand of network traffic anomaly detection. The proposed method provided a newidea for the network traffic anomaly detection.
作者 莫小勇 潘志松 邱俊洋 余亚军 蒋铭初
机构地区 解放军理工大学指挥信息系统学院
出处 《山东大学学报(工学版)》 CAS 北大核心 2016年第4期21-27,33,共8页 Journal of Shandong University(Engineering Science)
基金 国家自然科学基金资助项目(61473149)
关键词 网络流 在线特征选择 批处理 时序性 异常检测 network traffic online feature selection batch learning time-sequence anomaly detection
分类号 TP181 [自动化与计算机技术—控制理论与控制工程]
  • 相关文献

参考文献24

  • 1杨龙琪. 网络安全态势感知关键技术研究[D]. 南京: 中国人民解放军理工大学, 2015.
  • 2MOORE A, ZUEV D, CROGAN M. Discriminators for use in flow-based classification[R]. UK: Computer Science Department, Queen Mary University of London, 2005.
  • 3LI Wei, MOORE A. A machine learning approach for efficient traffic classification[C] //Proceedings of 15th International Symposium on MASCOTS'07. Istanbul, Turkey: IEEE Press, 2007:310-317.
  • 4MOORE A, ZUEV D. Internet traffic classification using bayesian analysis techniques[J]. Acm Sigmetrics Performance Evaluation Review, 2005, 33(1):50-60.
  • 5KIM H, CLAFFY K, FOMENKOV M, et al. Internet traffic classification demystified: myths, caveats, and the best practices[C] //Proceedings of the 2008 ACM CoNEXT Conference. Madrid, Spain: ACM Press, 2008:1-12.
  • 6NGUYEN T, ARMITAGE G. A survey of techniques for internet traffic classification using machine learning[J]. Communications Surveys & Tutorials, 2008, 10(4):56-76.
  • 7ZHAO Zheng, MORSTATTER F, SHARMA S, et al. Advancing feature selection research[R]. USA:School of Computing, Informatics, and Decision Systems Engineering, Arizona State University, 2010.
  • 8KATAKIS I, TSOUMAKAS G, VLAHAVAS I. On the utility of incremental feature selection for the classification of textual data streams[C] // Proceedings of the 10th Panhellenic Conference on Informatics. Volos, Greece: Springer Berlin Heidelberg Press, 2005:338-348.
  • 9WENERSTROM B, GIRAUD-CARRIER C. Temporal data mining in dynamic feature spaces[C] // Proceedings of the Sixth ICDM'06. Hong Kong, China: IEEE Computer Society Press, 2006:1141-1145.
  • 10MASUD M, CHEN Q, GAO J, et al. Classification and novel class detection of data streams in a dynamic feature space[C] // Proceedings of the 2010 European Conference on Machine Learning and Knowledge Discovery in Databases. Barcelona, Spain: Springer Berlin Heidelberg Press, 2010:337-352.

同被引文献6

引证文献2

二级引证文献8

山东大学学报(工学版)
2016年 第4期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部