摘要
针对通信网络中网络异常原因分析的问题,提出一种基于决策树进行告警数据特征分析的方法.该方法首先针对网络设备产生的告警数据多为无标记数据,基于地域和时间特征关联分析告警数据获得根源信息并添加标记,然后多维化告警数据特征,再采用决策树方法分析各类特征的重要度及对准确率的影响,并通过剪枝缩减时间上的计算负担.各地域的告警数据实验结果表明,预处理及关联分析后告警压缩率分别约为70%和90%,告警对象类型与告警逻辑分类特征对网络异常的影响稳定,重要度在0.25以上,其中根源告警多属于告警逻辑分类中的通信告警.该方法可在一定程度上辅助网络管理人员识别主要的告警数据特征,根据数据特征先一步进行网络恢复.
Aiming at the problem of network anomaly cause analysis in communication networks, we proposed a method of alarm data feature analysis based on decision trees. Firstly, the alarm data generated by network devices were mostly untagged data, and the alarm data was analyzed based on the correlation analysis of geographical and temporal features to obtain root information and add tags, and then the alarm data features were multi-dimensional. Secondly, the importance of various features and their impact on accuracy were analyzed by the decision tree method, and the computational burden on time was reduced by pruning. The experimental results of alarm data in each region show that the alarm compression rate is about 70% and 90% after pre-processing and correlation analysis, respectively. The impact of alarm object type and alarm logic classification features on network anomalies is stable, and the importance degree is above 0.25, among them, the root alarm mostly belongs to communication alarm in the alarm logic classification. This method can help network managers to identify the main alarm data features to a certain extent, and recover the network first according to the data features.
作者
赵泽玲
冯海林
齐小刚
刘美丽
ZHAO Zeling;FENG Hailin;QI Xiaogang;LIU Meili(School of Mathematics and Statistics,Xidian University,Xi’an 710126,China)
出处
《吉林大学学报(理学版)》
CAS
北大核心
2022年第5期1167-1175,共9页
Journal of Jilin University:Science Edition
基金
国家自然科学基金(批准号:61877067)
陕西省自然科学基金基础研究计划项目(批准号:2021JZ-19)。
关键词
通信网络
数据处理
决策树
根源信息
告警特征分析
communication network
data processing
decision tree
root information
alarm feature analysis
