摘要
对包含大流量数据的高维度网络进行异常检测,必须加入维数约简处理以减轻系统在传输和存储方面的压力。介绍高速网络环境下网络流量异常检测过程以及维数约简方式,阐述流量数据常用特征和维数约简技术研究的最新进展。针对网络流量特征选择和流量特征提取2种特征降维方式,对现有算法进行归纳分类,分别描述算法原理及优缺点。此外,给出维数约简常用的数据集和评价指标,分析网络流量异常检测中维数约简技术研究面临的挑战,并对未来发展方向进行展望。
To implement anomaly detection for a high dimensional network with mass flow data,data dimensionality should be reduced to relieve transmission and storage burdens from the system.This paper introduces network traffic anomaly detection process and dimensionality reduction ways in hig-speed network environment.Then it summarizes common features of feature in network traffic anomaly detection and latest research developments of dimensionality reduction for traffic data.Aiming at two kinds of feature dimensionality reduction ways,network traffic feature selection and network traffic feature extraction,this paper lists and classifies frequently used algorithms and describes the principles,advantages and disadvantages respectively.On this basis,this paper analyzes existing datasets and evaluation indexes used in research of dimensionality reduction.Finally,this paper discusses development directions and challenges of dimensionality reduction technologies in network traffic anomaly detection.
作者
陈良臣
高曙
刘宝旭
陶明峰
CHEN Liangchen;GAO Shu;LIU Baoxu;TAO Mingfeng(School of Computer Science and Technology,Wuhan University of Technology,Wuhan 430063,China;Institute of Information Engineering,Chinese Academy of Sciences,Beijing 100049,China;School of Application Technology,China University of Labor Relations,Beijing 100048,China;Zibo Power Supply Company,State Grid Shandong Electric Power Company,Zibo,Shandong 255000,China)
出处
《计算机工程》
CAS
CSCD
北大核心
2020年第2期11-20,共10页
Computer Engineering
基金
国家自然科学基金(61802404,61602470)
国家信息安全专项(发改办高技[2015]289号)
中国科学院战略性先导C类课题(XDC020400100)
中国科学院网络测评技术重点实验室基金
中国劳动关系学院科研项目(20XYJS003,20ZYJS017)
北京市科委重点研究项目(D181100000618003)
网络安全防护技术北京市重点实验室基金
关键词
网络异常检测
流量维数约简
流量特征提取
流量特征选择
网络空间安全
network anomaly detection
traffic dimensionality reduction
traffic feature extraction
traffic feature selection
cyberspace security