期刊文献+
共找到4篇文章
< 1 >
每页显示 20 50 100
Abnormal Event Correlation and Detection Based on Network Big Data Analysis 被引量:2
1
作者 Zhichao Hu Xiangzhan Yu +1 位作者 Jiantao Shi Lin Ye 《Computers, Materials & Continua》 SCIE EI 2021年第10期695-711,共17页
With the continuous development of network technology,various large-scale cyber-attacks continue to emerge.These attacks pose a severe threat to the security of systems,networks,and data.Therefore,how to mine attack p... With the continuous development of network technology,various large-scale cyber-attacks continue to emerge.These attacks pose a severe threat to the security of systems,networks,and data.Therefore,how to mine attack patterns from massive data and detect attacks are urgent problems.In this paper,an approach for attack mining and detection is proposed that performs tasks of alarm correlation,false-positive elimination,attack mining,and attack prediction.Based on the idea of CluStream,the proposed approach implements a flow clustering method and a two-step algorithm that guarantees efficient streaming and clustering.The context of an alarm in the attack chain is analyzed and the LightGBM method is used to perform falsepositive recognition with high accuracy.To accelerate the search for the filtered alarm sequence data to mine attack patterns,the PrefixSpan algorithm is also updated in the store strategy.The updated PrefixSpan increases the processing efficiency and achieves a better result than the original one in experiments.With Bayesian theory,the transition probability for the sequence pattern string is calculated and the alarm transition probability table constructed to draw the attack graph.Finally,a long-short-term memory network and embedding word-vector method are used to perform online prediction.Results of numerical experiments show that the method proposed in this paper has a strong practical value for attack detection and prediction. 展开更多
关键词 Attack scene false positive alarm correlation sequence mining multi-step attack
下载PDF
Damage alarming of long-span suspension bridge based on GPS-RTK monitoring 被引量:7
2
作者 缪长青 王蔓 +2 位作者 田洪金 冯兆祥 陈策 《Journal of Central South University》 SCIE EI CAS CSCD 2015年第7期2800-2808,共9页
Structure damage identification and alarming of long-span bridge were conducted with three-dimensional dynamic displacement data collected by GPS subsystem of health monitoring system on Runyang Suspension Bridge.Firs... Structure damage identification and alarming of long-span bridge were conducted with three-dimensional dynamic displacement data collected by GPS subsystem of health monitoring system on Runyang Suspension Bridge.First,the effects of temperature on the main girder spatial position coordinates were analyzed from the transverse,longitudinal and vertical directions of bridge,and the correlation regression models were built between temperature and the position coordinates of main girder in the longitudinal and vertical directions;then the alarming indices of coordinate residuals were conducted,and the mean-value control chart was applied to making statistical pattern identification for abnormal changes of girder dynamic coordinates;and finally,the structural damage alarming method of main girder was established.Analysis results show that temperature has remarkable correlation with position coordinates in the longitudinal and vertical directions of bridge,and has weak correlation with the transverse coordinates.The 3%abnormal change of the longitudinal coordinates and 5%abnormal change of the vertical ones caused by structural damage are respectively identified by the mean-value control chart method based on GPS dynamic monitoring data and hence the structural abnormalities state identification and damage alarming for main girder of long-span suspension bridge can be realized in multiple directions. 展开更多
关键词 long-span suspension bridge damage alarming mean-value control chart GPS displacement temperature correlation
下载PDF
Alarm Correlation Rules Generation Algorithm Based on Confidence Covered Value
3
作者 李彤岩 《Journal of Donghua University(English Edition)》 EI CAS 2015年第2期268-271,共4页
In communication alarm correlation analysis,traditional association rules generation(ARG) algorithm usually has low efficiency and high error rate.This paper proposes an alarm correlation rules generation algorithm ba... In communication alarm correlation analysis,traditional association rules generation(ARG) algorithm usually has low efficiency and high error rate.This paper proposes an alarm correlation rules generation algorithm based on the confidence covered value.Confidence covered value method can judge whether a rule is redundant or not scientific After the rules that based on weighted frequent patterns(WFPs) generated,the association rules were deleted by the confidence covered value,in order to delete the redundant rules and keep the rules with more information.Experiments show that the alarm correlation rules generation algorithm based on the confidence covered value has higher efficiency than the traditional method,and can effectively remove redundant rules.Thus it is very suitable for telecommunication alarm association rules processing. 展开更多
关键词 alarm Correlation redundant confidence remove delete frequent covered judge resolve
下载PDF
Pruning Redundant Alarm Correlation Patterns
4
作者 CHEN Yue, LIN Qi ning, TU Zhi yun (Business Management School, Beijing University of Posts and Telecommunications, Beijing 100876, P.R.China) 《The Journal of China Universities of Posts and Telecommunications》 EI CSCD 2002年第2期45-48,共4页
Efficient methods exist for discovering association rules fromlarge collections of data. The number of discovered rules can,however, be so large. At the same time it is well known that manydiscovered associations are ... Efficient methods exist for discovering association rules fromlarge collections of data. The number of discovered rules can,however, be so large. At the same time it is well known that manydiscovered associations are redundant or minor variations of others.Their existence may simply be due to chance rather than truecorrelation. Thus, those spurious and insignificant rules should beremoved. In this paper, we propose a novel technique to over- Comethis problem. The technique firstly introduces the newconcept-structure rule cover, and then present a Quantitative methodto prune redundant correlation patterns. The user can now obtain acomplete picture of the do- Main without being overwhelmed by a hugenumber of rules. 展开更多
关键词 alarm correlation structural rule cover correlation logic minimumsupport
原文传递
上一页 1 下一页 到第
使用帮助 返回顶部