摘要
协议的聚类是协议分析中一个重要的环节,为实现对未知二进制协议高效聚类,提出了一种基于K-means聚类和AGNES的未知二进制协议聚类方法。在对获取的二进制协议比特流进行数据预处理的基础上,先采用K-means算法对比特流数据进行初步聚类,再通过误差平方和、Calinski-Harabasz分数值和轮廓系数确定k值,最后选择AGNES算法将未知二进制协议比特流划分为不同的二进制协议子集。方法有效结合了K-means和AGNES算法的特点,降低了时间复杂度的同时提高了聚类的精确度。对实验数据集的测试结果验证了所提方法的有效性,较为准确地确定了k值,聚类精确度达到了98%。
Protocol clustering is an important part of protocol analysis.In order to realize efficient clustering of unknown binary protocols,an unknown binary protocol clustering method based on K-means clustering and AGNES is proposed.On the basis of data preprocessing of the acquired binary protocol bit stream.Firstly,the K-means algorithm is used to make initial clustering of the bit stream data,and then the K value is determined by the sum of error square,Calinski-Harabasz fractional values and contour coefficient.Finally,the AGNES algorithm is selected to divide the unknown binary protocol bit stream into different subsets of binary protocols.The method effectively combines the characteristics of K-means and AGNES algorithm,reduces the time complexity and improves the accuracy of clustering at the same time.The test results of the experimental data set verify the effectiveness of the proposed method,more accurately determine the k value,and the clustering accuracy is up to 98%.
作者
尹世庄
王韬
陈庆超
刘丽君
阎韶林
YIN Shi-zhuang;WANG Tao;CHEN Qin-chao;LIU Li-jun;YAN Shao-lin(Shijiazhuang Campus of Army Engineering University,Shijiazhuang 050003,China;The Army Engineering University,Nanjing 210000,China)
出处
《火力与指挥控制》
CSCD
北大核心
2020年第8期125-130,135,共7页
Fire Control & Command Control
基金
国家重点研发计划(2018YFC0806900)
江苏省自然科学基金资助项目(BK20161469)。
