网络异常检测领域概念漂移问题研究综述

A Review of Concept Drift in the Field of Network Anomaly Detection

下载PDF

导出

摘要【目的】随着网络技术的快速发展和广泛应用,网络异常检测作为保护网络安全和维护系统正常运行的手段变得越来越重要。然而,网络中异常行为和攻击手段不断变化,给异常检测带来了新的挑战。其中,概念漂移问题是网络异常检测领域中受到广泛关注的难点之一。【方法】本综述旨在对网络异常检测领域中概念漂移问题进行研究分析和总结。与前人的研究相比,本文将专注于网络异常检测领域的流数据。【文献范围】首先,对概念漂移进行详细介绍,包括定义、产生原因和特点。通过对概念漂移的全面理解,可以为后续的检测方法提供指导。其次,系统性地介绍了概念漂移检测方法,主要包括基于统计的方法、机器学习方法和深度学习方法等,并对比了各类方法的优缺点和适用场景。最后,探讨了概念漂移在未来可能的研究方向。【结论】本文聚焦于网络异常检测领域的概念漂移问题,通过详细介绍概念漂移的定义、产生原因和特点,以及深入分析和总结针对流数据概念漂移的检测方法,为未来研究方向提供了有价值的参考和指导。 [Purpose]With the rapid development and widespread application of network technology,network anomaly detection has become increasingly crucial as a means to safeguard network security and maintain the normal operation of systems.However,the evolving nature of abnormal behaviors and attack methods in networks presents new challenges to anomaly detection.Among these challenges,the concept drift problem is one of the widely recognized complexities in the field of network anomaly detection.[Methods]This review aims to conduct research analysis and summarization on the concept drift problem in the field of network anomaly detection.In comparison to previous studies,this paper will focus specifically on the field of flow data in network anomaly detection.[Literature Scope]Firstly,a detailed introduction to concept drift is provided,including its definition,causes,and characteristics.A comprehensive understanding of concept drift is intended to guide subsequent detection methods.Secondly,a systematic introduction to concept drift detection methods is presented,primarily including statistical methods,machine learning methods,and deep learning methods,while comparing the advantages,disadvantages,and application scenarios of each method.Finally,potential future research directions for concept drift are discussed.[Conclusion]This paper centers on the concept drift problem in the field of network anomaly detection.By providing a detailed introduction to the definition,causes,and characteristics of concept drift and conducting an in-depth analysis and summarization of concept drift detection methods tailored for flow data,the paper offers valuable references and guidance for future research directions.

作者杜冠瑶郭勇杰龙春赵静万巍 DU Guanyao;GUO Yongjie;LONG Chun;ZHAO Jing;WAN Wei(Computer Network Information Center,Chinese Academy of Sciences,Beijing 100083,China;University of Chinese Academy of Sciences,Beijing 100190,China)

机构地区中国科学院计算机网络信息中心中国科学院大学

出处《数据与计算发展前沿》 CSCD 2024年第1期162-178,共17页 Frontiers of Data & Computing

基金中国科学院战略性先导科技专项(C类)项目(XDC02030600) 网络安全保障体系建设工程(三期)(CAS-WX2022GC-04) 面向新兴业务应用的自动化安全防护关键技术研究(SGTYHT/21-JS-223) 中国科学院网络安全和信息化专项应用示范项目(CAS-WX2022SF-0401)。

关键词概念漂移网络异常检测数据分布模型更新 concept drift network anomaly detection data distribution model updating

分类号 TP3 [自动化与计算机技术—计算机科学与技术]

引文网络
相关文献

参考文献3

1徐清妍,何丽,朱泓西.改进Hoeffding不等式的概念漂移检测方法[J].计算机工程与应用,2020,56(19):55-61. 被引量：4
2胡阳,孙自强.基于McDiarmid边界的自适应加权概念漂移检测方法[J].华东理工大学学报（自然科学版）,2023,49(3):419-428. 被引量：2
3张育培,柴玉梅,王黎明.基于鞅的数据流概念漂移检测方法[J].小型微型计算机系统,2013,34(8):1787-1792. 被引量：3

二级参考文献24

1Babcock B, Babu S, Datar M, et al. Models and issues in data stream systems[ C]. Proceedings of the 21th ACM SIGMOD-SI- GACT-SIGART Symposium on Principles of Database Systems, ACM, 2002 : 1-16.
2Tsymbal A. The problem of concept drift: definitions and related work [ D]. TCD-CS-2004-15, Ireland: Trinity College Dublin, Department of Computer Science, 2004.
3Hulten G, Spencer L, Domingos P. Mining time-changing data streams[C]. Proceedings of the 7th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, ACM, 2001 : 97-106.
4KlinKenberg R. Learning drifting concepts: examples selections vs. example weighting [ J ]. Intelligent Data Analysis, 2004, 8 (3) :281-300.
5Wang H, Fan W, Yu P S, et al. Mining concept-drifting data streams using ensemble classifiers [ C ]. Proceedings of the 9th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, ACM, 2003 : 226-235.
6Masud M M, Gao Jing, Han Jia-wei, et al. Classification and no- vel class detection in concept-drifting data streams under time con- straints[J]. IEEE Transactions on Knowledge and Data Engineer- ing, 2011, 23(6) :859-874.
7Zhang Peng, Zhu Xing-quan, Tan Jian-long, et al. Classifier and cluster ensembles for mining concept drifting data streams [ C ]. In Data Mining (ICDM), 2010, IEEE 10th International Conference on Data Ming, IEEE, 2010: 1175-1180.
8Aggarwal C C. A framework for diagnosing changes in evolving data streams[ C]. Proceeding of the 2003 ACM SIGMOD Interna- tional Conference on Management of Data, ACM, 2003 : 575-586.
9Mozafari N, Hashemi S, Hamzeh A. On tracking behavior of streaming data: an unsupervised approach [ J ]. International Jour- nal of Data Engineering, 2011, 2 (1) :16-26.
10Vovk V, Nouretdinov I, Gammerman A. Testing exchangeability on-line[ C]. Proceeding of the 20th International Conference on Machine Learning, ACM, 2003 : 768-775.

共引文献6

1韩法旺,刘耀宗.数据流分类挖掘中的概念变化研究[J].计算机科学,2014,41(B11):347-350.
2王佳俊,钟登华,吴斌平,刘明辉,张宗亮.基于概念漂移检测的土石坝压实质量评价模型更新研究[J].天津大学学报（自然科学与工程技术版）,2019,52(5):492-500. 被引量：9
3梁斌,李光辉.基于McDiarmid界的概念漂移数据流分类算法[J].计算机科学与探索,2021,15(10):1990-2001.
4聂秀山,林熙明.流数据概念漂移检测研究进展[J].山东建筑大学学报,2022,37(3):90-100. 被引量：1
5尹春勇,陈双双.结合微聚类和主动学习的流分类方法[J].计算机工程与应用,2023,59(20):254-265.
6李春鹏,韩萌,孟凡兴,何菲菲,张瑞华.复杂数据流在线集成分类算法综述[J].计算机应用研究,2024,41(3):641-651.

1沈徳松.基于机器学习的网络异常流量检测[J].安徽科技学院学报,2024,38(1):111-116. 被引量：2
2沈伟豪,钟燕飞,王俊珏,郑卓,马爱龙.多模态数据的洪涝灾害知识图谱构建与应用[J].武汉大学学报（信息科学版）,2023,48(12):2009-2018. 被引量：3
3胡东烨,金泽.锂电池储能系统的火灾特性分析及扑救要点[J].时代汽车,2024(1):91-93. 被引量：3
4黄浩宁,陈志敏,徐聪,张晓燕.基于领域概念图的航天新闻自动摘要模型[J].北京航空航天大学学报,2024,50(1):317-327.
5修涵文,李贺,曹荣强,万萌,李凯,王彦棡.联邦学习全局模型和个性化模型的现状与展望[J].数据与计算发展前沿,2024,6(1):113-124.
6范义付,冯效刚.中国古代声乐文献研究述评[J].南京艺术学院学报（音乐与表演版）,2023(5):43-47.

数据与计算发展前沿

2024年第1期

浏览历史

内容加载中请稍等...

网络异常检测领域概念漂移问题研究综述

参考文献3

二级参考文献24

共引文献6

相关作者

相关机构

相关主题

浏览历史