Abstract
Traditional methods for clustering big data memory access traces do not measure the similarity between attack access patterns, which leads to a small amount of clustered data and low accuracy. To address this, the paper proposes a new method for clustering big data memory access traces in simulated DDoS attack scenarios. The method analyzes the layers of the target big data memory access system to obtain a hierarchical model of that system. Features are extracted from the model with reference to the Snort rule base, yielding the features of the big data memory access traces and two DDoS attack patterns. The Levenshtein distance is then used to measure the similarity between attack access patterns, and the big data memory access trace sequence is obtained from the computed similarities. Upper and lower approximation thresholds are set according to rough set theory, completing the clustering of the traces. Simulation results show that the new method clusters big data memory access traces accurately and with high clustering efficiency.
Authors
ZHAN Yu-jie (湛玉婕)
LI Xian-gong (李贤功)
China University of Mining Technology, Xuzhou, Jiangsu 221000, China
Source
Computer Simulation (《计算机仿真》)
PKU Core Journal (北大核心)
2020, Issue 7, pp. 480-484 (5 pages)
Funding
Supported by the Jiangsu Universities Qing Lan Project (2018SJA1030).
Keywords
Big data
Clustering
Memory access trace
Rough set