期刊文献+

基于流知识图谱的通信网络流连接行为分析 被引量:2

Analysis of Communication Network Flow Connection Behavior Based on Flow Knowledge Graph
下载PDF
导出
摘要 图模型能够直观、完整地刻画网络流的连接模式,在网络流行为分析中具有独特的优势,但现有图模型方法存在构图方式单一、信息包含不完整、分析手段不够丰富等问题,通过借鉴知识图谱的概念,提出一种基于流知识图谱的网络流行为分析模型——网络流连接图。通过收集网络流信息构造网络流连接关系的基本模型,基于网络流属性信息设定图节点等级和边权值,在此基础上,利用节点与边的筛选规则提取网络应用行为的核心连接方式和简化网络规模,采用复杂网络特征分析方法提取网络流行为特征参数。实验结果表明,网络流连接图能够充分利用网络流行为测量数据中的可用信息,准确刻画网络应用流连接关系的固有特征,有效地检测与识别DDoS攻击、蠕虫传播以及端口扫描等网络异常行为,同时网络流连接图表现出良好的可扩展性,适合多种图挖掘算法的应用。 The graph model method has unique advantages in network flow behavior analysis,because it can intuitively and completely describe the connection mode of network flow.However,the current methods have many problems,such as single composition mode,incomplete information and insufficient analysis means etc.Therefore,by referring to the concept of knowledge graph,this paper proposes a network flow behavior analysis model based on flow knowledge graph,namely,the network flow connection graph.We first build the basic model of the network flow connection relationship by collecting the network flow information.Then we set the graph node level and the edge weight value based on the network flow attribute information.According to the filtering rules of the node and edge,we extract the core connection mode of the network application behavior and simplify the network scale.Finally,we adopt the complex network feature analysis method to extract the network flow feature parameters.Experimental results show that network flow connection graph can fully utilize the available information in the network flow behavior measurement data,accurately characterize the inherent characteristics of the network application flow connection relationship,and effectively detect and identify network abnormal behaviors such as DDoS attacks,worm propagation and port scanning.Besides,the network flow connection graph shows good scalability,making it suitable for the application of multiple graph mining algorithms.
作者 胡航宇 翟学萌 胡光岷 HU Hangyu;ZHAI Xuemeng;HU Guangmin(Key Laboratory of Optical Fiber Sensing and Communications,Ministry of Education,University of Electric Science and Technology of China,Chengdu 611731,China)
出处 《计算机工程》 CAS CSCD 北大核心 2019年第11期234-242,共9页 Computer Engineering
基金 国家自然科学基金(61471101,61571094)
关键词 网络流行为分析 网络流 知识图谱 特征参数提取 异常检测 network flow behavior analysis network flow knowledge graph feature parameter extraction anomaly detection
  • 相关文献

参考文献3

二级参考文献33

  • 1梅立军,周强,臧路,陈祖舜.知网与同义词词林的信息融合研究[J].中文信息学报,2005,19(1):63-70. 被引量:28
  • 2董振东,董强,郝长伶.知网的理论发现[J].中文信息学报,2007,21(4):3-9. 被引量:99
  • 3刘克彬,李芳,刘磊,韩颖.基于核函数中文关系自动抽取系统的实现[J].计算机研究与发展,2007,44(8):1406-1411. 被引量:59
  • 4李先通,李建中,高宏.一种高效频繁子图挖掘算法[J].软件学报,2007,18(10):2469-2480. 被引量:35
  • 5Zander S, Nguyen T, and Armitage G. Automated traffic classification and application identification using machine learning[C]. Proceedings of the 30th IEEE Conference on Local Computer Networks, Sydney, Australia, 2005: 250-257.
  • 6Roughan M, Sen S, Spatscheck O, et al.. Class-of-service mapping for QoS: a statistical signature-based approach to IP traffic classification[C]. Proceedings of ACM SIGCOMM Internet Measurement Conference, Taormina, Sicily, Italy, 2004: 135-148.
  • 7Williams N, Zander S, and Armitage G. A prelinfinary performance comparison of five machine learning algorithms for practical IP traffic flow classification[J]. ACM SIGCOMM Computer Communication Review, 2006, 36(5): 5-15.
  • 8Karagiannis T, Papagiannaki K, and Faloutsos M. BLINC: multilevel traffic classification in the dark [C]. Proceedings of SIGCOMM, Philadelphia, PA, USA, 2005: 229-240.
  • 9Altman E, Nain P, and Shwart A. Predicting the impact of measures against P2P networks on the transient behaviors [C]. Proceedings of INFOCOM, Shanghai, 2011: 1440-1448.
  • 10Jin Zhi-gang, Wang Ying, and Wei Bo. P2P Botnets detection based on user behavior sociality and traffic entropy function[C]. Proceedings of Communications and Networks Consumer Electronics (CECNet), Yichang, 2012:1953-1955.

共引文献1700

同被引文献27

引证文献2

二级引证文献16

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部