摘要
针对网络异常流量检测技术准确率较低、簇的误划分等问题,提出基于改进密度峰值聚类算法的网络异常流量检测方案;首先对网络流量数据进行预处理和分组乱序,然后计算相应属性值并利用局部密度发现簇中心点,最后采用一种新的标签传递方式形成相应的簇群直至处理完所有数据。结果表明,相对于k均值算法和具有噪声的基于密度的聚类算法,基于改进的密度峰值聚类算法提升了网络异常流量的检测准确率,综合性能较优。
Aiming at the problems of low accuracy and cluster misclassification of network abnormal traffic detection technology, a network abnormal traffic detection scheme based on improved density peaks clustering algorithm was proposed. Firstly, the network traffic data were preprocessed and grouped out of order, then the corresponding attribute values were calculated and the local density was used to find the cluster center points. Finally, a new label transfer mode was used to form the corresponding cluster group until all of the data were processed. The results show that compared with k-means algorithm and density-based spatial clustering of applications with noise, the improved density peaks clustering algorithm improves detection accuracy of network abnormal traffic, and the comprehensive performance is better.
作者
任艳
徐春
张蕾
汪晓洁
REN Yan;XU Chun;ZHANG Lei;WANG Xiaojie(School of Information Management,Xinjiang University of Finance and Economics,Urumqi 830012,Xinjiang,China;College of Information Science and Engineering,Xinjiang University,Urumqi 830046,Xinjiang,China)
出处
《济南大学学报(自然科学版)》
CAS
北大核心
2022年第5期597-602,共6页
Journal of University of Jinan(Science and Technology)
基金
国家自然科学基金项目(61966033)
新疆维吾尔自治区高等学校科研计划项目(XJEDU2019Y036)
新疆维吾尔自治区社会科学基金项目(19BTJ037)
新疆财经大学校级科研基金项目(2020XYB004)。
关键词
网络安全
异常流量检测
聚类
密度峰值
局部密度
network security
abnormal traffic detection
clustering
density peak
local density
