基于历史与当前短时特征的异常流量检测
将移动运营商核心网络中的故障点定位到设备和端口需要分析大量数据样本,耗时较长。针对该问题,提出一种以历史数据为参照的异常流量检测方法。构建历史流量数据库,在此基础上利用短时的面积特征与梯度特征刻画网络的流量行为,及时发现异常流量,并设计分级多粒度方法定位造成异常流量的故障点。实验结果表明,与自适应阈值法、K-means聚类法和多维熵法相比,该方法能取得较好的在线异常流量检测效果,准确定位出现故障及异常流量的设备及端口。...
Saved in:
| Published in | 计算机工程 Vol. 43; no. 12; pp. 73 - 77 |
|---|---|
| Main Author | |
| Format | Journal Article |
| Language | Chinese |
| Published |
中国移动通信集团湖北有限公司,武汉,430023%湖北城市建设职业技术学院信息工程系,武汉,430205%信阳职业技术学院,河南信阳,464000%华中科技大学计算机科学与技术学院,武汉,430074
2017
|
| Subjects | |
| Online Access | Get full text |
| ISSN | 1000-3428 |
| DOI | 10.3969/j.issn.1000-3428.2017.12.014 |
Cover
| Summary: | 将移动运营商核心网络中的故障点定位到设备和端口需要分析大量数据样本,耗时较长。针对该问题,提出一种以历史数据为参照的异常流量检测方法。构建历史流量数据库,在此基础上利用短时的面积特征与梯度特征刻画网络的流量行为,及时发现异常流量,并设计分级多粒度方法定位造成异常流量的故障点。实验结果表明,与自适应阈值法、K-means聚类法和多维熵法相比,该方法能取得较好的在线异常流量检测效果,准确定位出现故障及异常流量的设备及端口。 |
|---|---|
| Bibliography: | LI Yizhang1 , WANG Xian1 , DUAN Ping2 , LIU Xiaoya3 , CHEN Yang4 , CHEN Jiazhong4 (1. China Mobile Communications Group Hubei Co. , Ltd. ,Wuhan 430023, China; 2. Department of Information Engineering, Hubei Urban Construction Vocational and Technological College, Wuhan 430205, China ; 3. Xinyang Vocational and Technological College, Xinyang, Henan 464000, China; 4. School of Computer Science and Technology ,Huazhong University of Science and Technology ,Wuhan 430074 ,China) 31-1289/TP To locate the fault points in the core network of mobile operators, previous methods require too many data samples which need long time to find the fault points. Aiming at this problem, this paper proposes an abnormal traffic detection method using the historical data as reference. It establishes a database containing historical traffic data. On this basis, it uses the surface feature and gradient features in short term to describe traffic behaviors of network, so as to detect the abnormal traffic in time. Meanwhile,it proposes a |
| ISSN: | 1000-3428 |
| DOI: | 10.3969/j.issn.1000-3428.2017.12.014 |