基于历史与当前短时特征的异常流量检测
将移动运营商核心网络中的故障点定位到设备和端口需要分析大量数据样本,耗时较长。针对该问题,提出一种以历史数据为参照的异常流量检测方法。构建历史流量数据库,在此基础上利用短时的面积特征与梯度特征刻画网络的流量行为,及时发现异常流量,并设计分级多粒度方法定位造成异常流量的故障点。实验结果表明,与自适应阈值法、K-means聚类法和多维熵法相比,该方法能取得较好的在线异常流量检测效果,准确定位出现故障及异常流量的设备及端口。...
Saved in:
| Published in | 计算机工程 Vol. 43; no. 12; pp. 73 - 77 |
|---|---|
| Main Author | |
| Format | Journal Article |
| Language | Chinese |
| Published |
中国移动通信集团湖北有限公司,武汉,430023%湖北城市建设职业技术学院信息工程系,武汉,430205%信阳职业技术学院,河南信阳,464000%华中科技大学计算机科学与技术学院,武汉,430074
2017
|
| Subjects | |
| Online Access | Get full text |
| ISSN | 1000-3428 |
| DOI | 10.3969/j.issn.1000-3428.2017.12.014 |
Cover
| Abstract | 将移动运营商核心网络中的故障点定位到设备和端口需要分析大量数据样本,耗时较长。针对该问题,提出一种以历史数据为参照的异常流量检测方法。构建历史流量数据库,在此基础上利用短时的面积特征与梯度特征刻画网络的流量行为,及时发现异常流量,并设计分级多粒度方法定位造成异常流量的故障点。实验结果表明,与自适应阈值法、K-means聚类法和多维熵法相比,该方法能取得较好的在线异常流量检测效果,准确定位出现故障及异常流量的设备及端口。 |
|---|---|
| AbstractList | 将移动运营商核心网络中的故障点定位到设备和端口需要分析大量数据样本,耗时较长。针对该问题,提出一种以历史数据为参照的异常流量检测方法。构建历史流量数据库,在此基础上利用短时的面积特征与梯度特征刻画网络的流量行为,及时发现异常流量,并设计分级多粒度方法定位造成异常流量的故障点。实验结果表明,与自适应阈值法、K-means聚类法和多维熵法相比,该方法能取得较好的在线异常流量检测效果,准确定位出现故障及异常流量的设备及端口。 TN929.5; 将移动运营商核心网络中的故障点定位到设备和端口需要分析大量数据样本,耗时较长.针对该问题,提出一种以历史数据为参照的异常流量检测方法.构建历史流量数据库,在此基础上利用短时的面积特征与梯度特征刻画网络的流量行为,及时发现异常流量,并设计分级多粒度方法定位造成异常流量的故障点.实验结果表明,与自适应阈值法、K-means聚类法和多维熵法相比,该方法能取得较好的在线异常流量检测效果,准确定位出现故障及异常流量的设备及端口. |
| Abstract_FL | To locate the fault points in the core network of mobile operators,previous methods require too many data samples which need long time to find the fault points.Aiming at this problem,this paper proposes an abnormal traffic detection method using the historical data as reference.It establishes a database containing historical traffic data.On this basis,it uses the surface feature and gradient features in short term to describe traffic behaviors of network,so as to detect the abnormal traffic in time.Meanwhile,it proposes a hierarchical and multi-granularity method to find the fault points that lead to the anomalous traffic.Experimental results demonstrate that,compared with adaptive threshold method,Kmeans clustering method and multidimensional entropy method,the proposed method can not only perform better in online abnormal traffic detection,but also locate the equipments and points that have faluts and abnormal traffic more accurately. |
| Author | 李轶璋;王冼;段平;刘晓亚;陈阳;陈加忠 |
| AuthorAffiliation | 中国移动通信集团湖北有限公司,武汉430023;湖北城市建设职业技术学院信息工程系,武汉430205;信阳职业技术学院,河南信阳464000;华中科技大学计算机科学与技术学院,武汉430074 |
| AuthorAffiliation_xml | – name: 中国移动通信集团湖北有限公司,武汉,430023%湖北城市建设职业技术学院信息工程系,武汉,430205%信阳职业技术学院,河南信阳,464000%华中科技大学计算机科学与技术学院,武汉,430074 |
| Author_FL | CHEN Yang WANG Xian LIU Xiaoya DUAN Ping CHEN Jiazhong LI Yizhang |
| Author_FL_xml | – sequence: 1 fullname: LI Yizhang – sequence: 2 fullname: WANG Xian – sequence: 3 fullname: DUAN Ping – sequence: 4 fullname: LIU Xiaoya – sequence: 5 fullname: CHEN Yang – sequence: 6 fullname: CHEN Jiazhong |
| Author_xml | – sequence: 1 fullname: 李轶璋;王冼;段平;刘晓亚;陈阳;陈加忠 |
| BookMark | eNo9j81Kw0AcxPdQwVr7EiLeEve_u9nNHqX4BQUvvZdk82GCbrRBxJsVUYqYHjwIXnrw7EWo1KI-TTfFtzBS8TIDw48ZZgXVdKZDhNYB21RyuZnaSZ5rGzDGFmXEtQkGYQOxMbAaqv_ny6iZ54mPHaDCEdStI25G09m0MMWNGb7OJoX5fDCD-_nopXx8mw_ezVd__nRtPq7MZFKO-9-3w_L5shzfraKlyDvKw-afN1BnZ7vT2rPaB7v7ra22pRyXWQoHHDyQmEAUSRUw3wfJBQjKXRVSrrgjozByOSdB6CvwpQi4cGRAmPQI4bSBNha1556OPB130-ysp6vBbpqnsfp9CZWwClxbgOow0_FpUqEnveTY6110uWAYE-Fw-gOiamlf |
| ClassificationCodes | TN929.5 |
| ContentType | Journal Article |
| Copyright | Copyright © Wanfang Data Co. Ltd. All Rights Reserved. |
| Copyright_xml | – notice: Copyright © Wanfang Data Co. Ltd. All Rights Reserved. |
| DBID | 2RA 92L CQIGP W92 ~WA 2B. 4A8 92I 93N PSX TCJ |
| DOI | 10.3969/j.issn.1000-3428.2017.12.014 |
| DatabaseName | 维普_期刊 中文科技期刊数据库-CALIS站点 维普中文期刊数据库 中文科技期刊数据库-工程技术 中文科技期刊数据库- 镜像站点 Wanfang Data Journals - Hong Kong WANFANG Data Centre Wanfang Data Journals 万方数据期刊 - 香港版 China Online Journals (COJ) China Online Journals (COJ) |
| DatabaseTitleList | |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Engineering |
| DocumentTitleAlternate | Abnormal Traffic Detection Based on Historical and Current Short-term Features |
| DocumentTitle_FL | Abnormal Traffic Detection Based on Historical and Current Short-term Features |
| EndPage | 77 |
| ExternalDocumentID | jsjgc201712014 674002756 |
| GrantInformation_xml | – fundername: 中国移动通信集团湖北有限公司TD-SCDMA联合创新实验室项目“基于大数据流量建模的分组域核心网运维方法研究” funderid: (HBMC-3510-JS-JSZX-2015-1197) |
| GroupedDBID | -0Y 2B. 2C0 2RA 5XA 5XJ 92H 92I 92L ACGFS ALMA_UNASSIGNED_HOLDINGS CCEZO CQIGP CUBFJ CW9 TCJ TGT U1G U5S W92 ~WA 4A8 93N ABJNI PSX |
| ID | FETCH-LOGICAL-c584-c0d61a19021ff9cd4bb196717368ce36c659fef8662debc1b97d6759d249a2263 |
| ISSN | 1000-3428 |
| IngestDate | Thu May 29 04:21:02 EDT 2025 Wed Feb 14 10:02:59 EST 2024 |
| IsPeerReviewed | true |
| IsScholarly | true |
| Issue | 12 |
| Keywords | 网络流量 network traffic 短时特征 traffic behavior 异常流量检测 流量行为 历史特征 short-term feature abnormal traffic detection historical feature |
| Language | Chinese |
| LinkModel | OpenURL |
| MergedId | FETCHMERGED-LOGICAL-c584-c0d61a19021ff9cd4bb196717368ce36c659fef8662debc1b97d6759d249a2263 |
| Notes | LI Yizhang1 , WANG Xian1 , DUAN Ping2 , LIU Xiaoya3 , CHEN Yang4 , CHEN Jiazhong4 (1. China Mobile Communications Group Hubei Co. , Ltd. ,Wuhan 430023, China; 2. Department of Information Engineering, Hubei Urban Construction Vocational and Technological College, Wuhan 430205, China ; 3. Xinyang Vocational and Technological College, Xinyang, Henan 464000, China; 4. School of Computer Science and Technology ,Huazhong University of Science and Technology ,Wuhan 430074 ,China) 31-1289/TP To locate the fault points in the core network of mobile operators, previous methods require too many data samples which need long time to find the fault points. Aiming at this problem, this paper proposes an abnormal traffic detection method using the historical data as reference. It establishes a database containing historical traffic data. On this basis, it uses the surface feature and gradient features in short term to describe traffic behaviors of network, so as to detect the abnormal traffic in time. Meanwhile,it proposes a |
| PageCount | 5 |
| ParticipantIDs | wanfang_journals_jsjgc201712014 chongqing_primary_674002756 |
| PublicationCentury | 2000 |
| PublicationDate | 2017 |
| PublicationDateYYYYMMDD | 2017-01-01 |
| PublicationDate_xml | – year: 2017 text: 2017 |
| PublicationDecade | 2010 |
| PublicationTitle | 计算机工程 |
| PublicationTitleAlternate | Computer Engineering |
| PublicationTitle_FL | Computer Engineering |
| PublicationYear | 2017 |
| Publisher | 中国移动通信集团湖北有限公司,武汉,430023%湖北城市建设职业技术学院信息工程系,武汉,430205%信阳职业技术学院,河南信阳,464000%华中科技大学计算机科学与技术学院,武汉,430074 |
| Publisher_xml | – name: 中国移动通信集团湖北有限公司,武汉,430023%湖北城市建设职业技术学院信息工程系,武汉,430205%信阳职业技术学院,河南信阳,464000%华中科技大学计算机科学与技术学院,武汉,430074 |
| SSID | ssib051375738 ssib017479294 ssj0042200 ssib001102934 ssib023646288 |
| Score | 2.0887108 |
| Snippet | 将移动运营商核心网络中的故障点定位到设备和端口需要分析大量数据样本,耗时较长。针对该问题,提出一种以历史数据为参照的异常流量检测方法。构建历史流量数据库,在此基础上... TN929.5; 将移动运营商核心网络中的故障点定位到设备和端口需要分析大量数据样本,耗时较长.针对该问题,提出一种以历史数据为参照的异常流量检测方法.构建历史流量数据库,... |
| SourceID | wanfang chongqing |
| SourceType | Aggregation Database Publisher |
| StartPage | 73 |
| SubjectTerms | 历史特征 异常流量检测 流量行为 短时特征 网络流量 |
| Title | 基于历史与当前短时特征的异常流量检测 |
| URI | http://lib.cqvip.com/qk/95200X/201712/674002756.html https://d.wanfangdata.com.cn/periodical/jsjgc201712014 |
| Volume | 43 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| journalDatabaseRights | – providerCode: PRVAON databaseName: DOAJ Directory of Open Access Journals issn: 1000-3428 databaseCode: DOA dateStart: 20160101 customDbUrl: isFulltext: true dateEnd: 99991231 titleUrlDefault: https://www.doaj.org/ omitProxy: true ssIdentifier: ssj0042200 providerName: Directory of Open Access Journals |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwnV3NTxQxFJ8gJEYPxs-I-MGBHhdnOp1Oe5zZjxATPWHCxWx2PhbCYVGBCycxRkOMcPBg4oWDZy8mGCTqX8Ms8b_wvdfu7ICISLJpuu3r-_p1d1-701fHmdIeDzuad2oBlDWRq7SWiATvIw4St9sVnU6G-x0PH8mZx-LBXDA3Mvak8tTS6koyna4de67kLKhCG-CKp2T_A9mSKTRAHfCFEhCG8lQYs2bAdIvFEWsKLFUTW6BUkirQxalL2a64wbRPXZqpBmuGODyCimQ6ZLHEFuiKNREDH49ogLOgljpTnCoKXzAqDogGuIUoDloiHx-esF1xNfZlTcWiJouIJ1RAIsqtk_7AExoD6lKDgTARiKRB6itU3-io-SGSkGyOyTAQXK8OBkGgCfIHu_xhD5AqpskIrckr5EIdVfdBzIFPmrPWj-gscHqMuqCu4DUjN0K90REu-guJW2SqRmKDB1QiTq6BRoNQfegF8DsSw8ulroBF9QGKCj4JZEyDRZI4eEjP68J3KSlGcBxbmhwWeDVALiZ3ExIxORXwA3pjHWou0RYDIWgVtXCUlUvqRbxincThhuYwfliJfRT3d825G5DmVV8pHHU2rYwgmPGxmeINcsIfzEG0hJ8Ul0QTGbqoBJcw1V5FIggS2DiUeMI8LoeXxOXH79QmHIuyuWXKxg-YqMEXNt-BDTBMHrLBFymvhAvmFh8beJrrjI6GNL6WmkIa5D9d8seHUkP6I8OcwT6SNH5xeXE-RRIPCnHOGeMhBOKVHSdaLcHiQg-zQ-JVEnj5-OB94PlhQNkZTWArOHdNcherw3lnyip4_yT1MGvNwlJv_hnE4nQ0stft9OYrUfzsZeeSXX5PRua79IozsrZw1blYScp6zZHF9t7-3max-brY-rK_u1n8eF9svDvY_tz_8PVg41vxc_3g46vi-8tid7e_s_7rzVb_04v-ztvrzmyrOVufqdnbZWopLLpqqZtJrwPLIe51uzrNRJJAMILPJEmV5r5MZaC7eVdJybM8Sb1Eh5kMA51xoTuwZvVvOKO9pV5-05nMdKo5D1NXCS2yLNUpF7kMIVrCHPAqH3cmSge0n5okQm0ZCtwSDOS4c8-6pG1_Wpbbh-G79U-KCecC1s3W8G1ndOX5an4HFksryV2C_DdqePiG |
| linkProvider | Directory of Open Access Journals |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=%E5%9F%BA%E4%BA%8E%E5%8E%86%E5%8F%B2%E4%B8%8E%E5%BD%93%E5%89%8D%E7%9F%AD%E6%97%B6%E7%89%B9%E5%BE%81%E7%9A%84%E5%BC%82%E5%B8%B8%E6%B5%81%E9%87%8F%E6%A3%80%E6%B5%8B&rft.jtitle=%E8%AE%A1%E7%AE%97%E6%9C%BA%E5%B7%A5%E7%A8%8B&rft.au=%E6%9D%8E%E8%BD%B6%E7%92%8B&rft.au=%E7%8E%8B%E5%86%BC&rft.au=%E6%AE%B5%E5%B9%B3&rft.au=%E5%88%98%E6%99%93%E4%BA%9A&rft.date=2017&rft.pub=%E4%B8%AD%E5%9B%BD%E7%A7%BB%E5%8A%A8%E9%80%9A%E4%BF%A1%E9%9B%86%E5%9B%A2%E6%B9%96%E5%8C%97%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8%2C%E6%AD%A6%E6%B1%89%2C430023%25%E6%B9%96%E5%8C%97%E5%9F%8E%E5%B8%82%E5%BB%BA%E8%AE%BE%E8%81%8C%E4%B8%9A%E6%8A%80%E6%9C%AF%E5%AD%A6%E9%99%A2%E4%BF%A1%E6%81%AF%E5%B7%A5%E7%A8%8B%E7%B3%BB%2C%E6%AD%A6%E6%B1%89%2C430205%25%E4%BF%A1%E9%98%B3%E8%81%8C%E4%B8%9A%E6%8A%80%E6%9C%AF%E5%AD%A6%E9%99%A2%2C%E6%B2%B3%E5%8D%97%E4%BF%A1%E9%98%B3%2C464000%25%E5%8D%8E%E4%B8%AD%E7%A7%91%E6%8A%80%E5%A4%A7%E5%AD%A6%E8%AE%A1%E7%AE%97%E6%9C%BA%E7%A7%91%E5%AD%A6%E4%B8%8E%E6%8A%80%E6%9C%AF%E5%AD%A6%E9%99%A2%2C%E6%AD%A6%E6%B1%89%2C430074&rft.issn=1000-3428&rft.volume=43&rft.issue=12&rft.spage=73&rft.epage=77&rft_id=info:doi/10.3969%2Fj.issn.1000-3428.2017.12.014&rft.externalDocID=jsjgc201712014 |
| thumbnail_s | http://utb.summon.serialssolutions.com/2.0.0/image/custom?url=http%3A%2F%2Fimage.cqvip.com%2Fvip1000%2Fqk%2F95200X%2F95200X.jpg http://utb.summon.serialssolutions.com/2.0.0/image/custom?url=http%3A%2F%2Fwww.wanfangdata.com.cn%2Fimages%2FPeriodicalImages%2Fjsjgc%2Fjsjgc.jpg |