摘要
当前大部分异常信息检测方法均存在依赖异常信息特征,从被检测目标发现攻击行为的弊端,不适于多域光网络异常信息检测,为此,提出一种基于光度数据的多域光网络异常信息检测方法。设计了光度数据采集平台结构,通过单片双通道高速流水线式A/D转换器完成对光度数据的实时采集。针对采集的光度数据,利用时间间隔步隆过滤器,通过二维步隆过滤器对存储的开始时间与结束时间进行分别保存,检测与哈希值相应的过滤单元中开始至结束时间范围内是否有相交时间,删除冗余数据。完成对光度数据的处理后,利用计算获取滑动窗口信息熵序列,求出滑动窗口中光度数据异常概率以及信息熵异常概率,依据联合异常概率判断是否存在异常信息。实验结果表明,所提方法检测准确率高。
at present,most of the anomaly information detection methods rely on the anomaly information’s characteristics.It is not suitable to detect the multi-domain optical network’s anomaly information because of the disadvantages of the attack behaviour found from the detected target.Therefore,a method of anomaly information detection based on photometric data is proposed.The photometry data acquisition platform’s structure is designed,and the real-time photometry data acquisition is completed by single-chip dual-channel high-speed pipelined A/D converter.For the collected photometric data,the start time and the end time of the storage are saved separately by using the time interval step filter and the two-dimensional step filter.The intersection time between the start time and the end time in the filter unit corresponding to the hash value is detected,and redundant data is deleted.After the processing of photometric data,the information entropy sequence of the sliding window is obtained by calculation,and the abnormal probability of photometric data and information entropy in the sliding window is calculated.The existence of abnormal information is judged according to the combined abnormal probability.Experimental results show that the proposed method has high detection accuracy.
作者
张倩
王明
ZHANG Qian;WANG Ming(Information Application Laboratory of Shaanxi Provincial Public Security Department Xi'an 710021,China;Shaanxi Police College,Xi'an 710021,China)
出处
《激光杂志》
CAS
北大核心
2021年第2期151-155,共5页
Laser Journal
基金
国家自然科学基金项目(No.61807026)。
关键词
光度数据
多域光网络
异常信息
检测
photometric data
multi domain optical network
abnormal information
detection