摘要
采用当前数据挖掘方法挖掘多源日志中存在的安全数据时,数据挖掘所用的时间较长,挖掘得到的数据不完整,存在挖掘效率低和数据完整度低的问题。提出基于时间序列的多源日志安全数据挖掘方法,标记时刻不同的信号在多源日志中的强度,根据信号强度计算标签数据在多源日志中的过程时间和移动速度,根据计算结果去除多源日志中存在的脏数据和冗余数据。对多源日志中的时间序列数据做分块处理,结合二维奇异值分解方法和主成分分析方法提取子矩阵中的特征,根据提取得到的特征通过最小距离方法建立数据分类器,利用数据分类器对多源日志中存在的安全数据做分类处理,完成多源日志安全数据的挖掘。仿真结果表明,所提方法的挖掘效率高、数据完整度高。
In this article, a method to mine multi-source log security data based on time series was proposed. Firstly, we marked the intensity of signal with different time in multi-source log. According to signal intensity, the procedure time and moving speed of tag data in multi-source log. According to the calculation result, dirty and redundant data in multi-source log were removed. Dirty data and redundant data present. Then we performed the block processing on time series data in multi-source log. After that we extracted features form the sub-matrix by combining two-dimensional singular value decomposition method and principal component analysis method. According to the extracted features, we used the minimum distance method to establish the data classifier. Finally, we used data classifier to classify security data existing in the multi-source log. Thus, we completed the mining of the multi-source log security data. Simulation results show that the proposed method has high mining efficiency and high data integrity.
作者
杨秋翔
王冠男
王婷
YANG Qiu-xiang;WANG Guan-nan;WANG Ting(North University of China,Software School,Taiyuan Shanxi 030051,China)
出处
《计算机仿真》
北大核心
2019年第2期297-301,共5页
Computer Simulation
关键词
时间序列
多源日志
数据挖掘
分类
Sequentially
Multi-source log
Data mining
Classification
