摘要
海量网络数据流量检测可以发现网络中的异常行为,如Probe攻击和U2R攻击等。传统K-Means算法确定聚类中心具有较大的随机性,聚类结果不够精准,针对这一问题提出一种基于改进K-Means的网络异常检测算法。在MapReduce计算模型环境下运行K-Means聚类算法,分布式执行网络数据聚类任务,节省聚类时间开销,再基于最小生成树确定K-Means算法的聚类中心,提高网络异常数据聚类的精准度。实验结果显示该方法检测率保持在95%以上,误检率在0.5%左右,具有较高的实际应用价值。
Massive network data traffic detection can find abnormal behavior in the network,such as Probe attack and U2R attack,etc.The determination of clustering center by traditional K-Means algorithm has great randomness,which leads to inaccurate clustering results.To solve this problem,an improved network anomaly detection algorithm based on K-Means is proposed.The K-Means clustering algorithm is run in the MapReduce computing model environment to perform the network data clustering task in a distributed way,which saves the time cost of clustering,then the clustering center of K-Means algorithm is determined based on the minimum spanning tree to improve the accuracy of clustering of network abnormal data.The experimental results show that the detection rate of this method is basically kept above 95%,and the false detection rate is about 0.5%,which has high practical application value.
作者
徐翔
XU Xiang(Education Information Center,Guangdong Ocean University,Zhanjiang 524088,China)
出处
《通信电源技术》
2020年第24期49-51,共3页
Telecom Power Technology
