摘要
网络攻击聚类是面向无标签数据场景的重要分类技术。在实际应用环境中,存在大量未标记的网络数据。通过设计聚类算法,可以有效的对这类数据的安全性进行无监督检测,t-SNE算法可以同时考虑数据的全局关系和局部关系,根据此特点本文选用该算法对网络攻击行为进行检测。为了适应于t-SNE算法,本文提出了一种适应的数据预处理方案。进行了基于一个公开网络攻击数据集的仿真实验,比较了t-SNE算法与主成份分析(PCA)和自动编码(auto-encoder)的性能差距。实验表明,t-SNE算法具有较好的网络攻击行为的聚类效果。
Network attack clustering is an important classification technique for untagged data scenarios.In practical applications,there is a large amount of untagged network data.By designing the clustering algorithm,the security of this type of data can be effectively monitored unsupervisedly.The t-SNE algorithm can simultaneously consider the global and local relationships of the data.According to this feature,this method is used to detect the network attack behavior.In order to adapt to the t-SNE algorithm,this paper proposes an adaptive data preprocessing scheme.A simulation experiment based on an open network attack dataset was conducted and the performance of t-SNE algorithm and PCA and auto-encoder was compared.Experiments show that the t-SNE algorithm has excellent clustering effect of cyber-attack behavior.
作者
汪媛
陈晓
WANG Yuan;CHEN Xiao(National Network New Media Engineering Research Center,Institute of Acoustics,Chinese Academy of Sciences,Beijing,100190,China;University of Chinese Academy of Sciences,Beijing,100049,China)
出处
《网络新媒体技术》
2020年第6期26-30,44,共6页
Network New Media Technology
基金
中科院声学所率先行动计划项目:端到端虚拟化关键技术研究与系统研发(编号:SXJH201609)。
