發(fā)布時間：2018-04-22 19:34

  本文選題：高維網(wǎng)絡(luò)流量 + 異常檢測　； 參考：《太原科技大學》2014年碩士論文

【摘要】：隨著互聯(lián)網(wǎng)的迅速發(fā)展，網(wǎng)絡(luò)安全已成為人們最關(guān)心的問題之一，網(wǎng)絡(luò)流量異常檢測系統(tǒng)是繼防火墻之后最有效的防護手段。實時、準確判定流量異常是網(wǎng)絡(luò)檢測的重點。 由于對單條鏈路進行流量異常檢測不能檢測類似蠕蟲病毒的網(wǎng)絡(luò)攻擊,所以必須對全網(wǎng)網(wǎng)絡(luò)流量進行異常檢測，以達到更好的檢測效果。然而全網(wǎng)網(wǎng)絡(luò)流量數(shù)據(jù)大,維數(shù)高，通常包括多個OD(Original-Destination)流，并且還有大量噪音�；谙蛄康漠惓z測方法不適用于處理維數(shù)較高的流量數(shù)據(jù)，將它們應用在全網(wǎng)網(wǎng)絡(luò)流量異常檢測上效果不佳。 利用張量來表示高維網(wǎng)絡(luò)流量數(shù)據(jù)，利用張量分析的方法對數(shù)據(jù)進行降維處理，能夠有效降低異常檢測的檢測時間和算法的空間復雜度，，基于張量分析的異常檢測方法適用于高維網(wǎng)絡(luò)流量數(shù)據(jù)的異常檢測。 本文首先研究了基于張量分析的網(wǎng)絡(luò)異常檢測技術(shù)，設(shè)計了基于標準分數(shù)的閾值檢測機制，仿真結(jié)果證明基于張量分析的異常檢測方法(HOSVD、HOOI)在誤報率、漏報率以及檢測時間方面性能優(yōu)于基于向量的異常檢測方法(PCA)。 然后對高維網(wǎng)絡(luò)流量數(shù)據(jù)添加相關(guān)信息后進行異常檢測，仿真結(jié)果表明對于維度之間存在相關(guān)信息的數(shù)據(jù)基于張量分析的異常檢測方法在誤報率和漏報率方面性能不如基于向量的異常檢測方法，但是檢測時間方面性能優(yōu)于基于向量的異常檢測方法。 最后在HOSVD算法基礎(chǔ)上基于高維數(shù)據(jù)維度相關(guān)性引入了Cross-HOSVDs算法。然后將新方法Cross-HOSVDs應用于存在相關(guān)信息的高維網(wǎng)絡(luò)流量數(shù)據(jù)的進行異常檢測。根據(jù)基于標準分數(shù)的閾值檢測機制，對比Cross-HOSVDs和HOSVD方法進行異常檢測時的誤報率和漏報率，仿真結(jié)果證明了新方法降低了誤報率和漏報率。
[Abstract]:With the rapid development of the Internet, network security has become one of the most concerned issues. Network traffic anomaly detection system is the most effective protection after firewall. Real-time, accurate detection of traffic anomalies is the focus of network detection. Because the traffic anomaly detection of a single link can not detect the network attack similar to the worm virus, it is necessary to detect the network traffic anomaly in order to achieve a better detection effect. However, the network traffic data is large and the dimension is high. It usually includes multiple ODN Original-Destinationflows, and there is also a lot of noise. The vector based anomaly detection method is not suitable for dealing with traffic data with high dimension, and it is not effective to apply them to network traffic anomaly detection. The use of Zhang Liang to represent high-dimensional network traffic data, and to reduce the dimension of the data by Zhang Liang analysis can effectively reduce the detection time of anomaly detection and the spatial complexity of the algorithm. The anomaly detection method based on Zhang Liang analysis is suitable for anomaly detection of high dimensional network traffic data. In this paper, the network anomaly detection technology based on Zhang Liang analysis is studied, and the threshold detection mechanism based on standard score is designed. The simulation results show that the anomaly detection method based on Zhang Liang analysis is false alarm rate. The performance of missed report rate and detection time is better than that of vector based anomaly detection method. Then, after adding the relevant information to the high-dimensional network traffic data, the anomaly detection is carried out. The simulation results show that the performance of the anomaly detection method based on Zhang Liang analysis is not as good as the vector based anomaly detection method in terms of false alarm rate and false alarm rate. But the performance of detection time is better than that of vector based anomaly detection method. Finally, based on the HOSVD algorithm, the Cross-HOSVDs algorithm is introduced based on the high dimensional data dimension correlation. Then the new method Cross-HOSVDs is applied to the anomaly detection of high dimensional network traffic data with relevant information. According to the threshold detection mechanism based on standard score, the false alarm rate and false false alarm rate of Cross-HOSVDs and HOSVD methods are compared. The simulation results show that the new method reduces the false alarm rate and false alarm rate.
【學位授予單位】：太原科技大學
【學位級別】：碩士
【學位授予年份】：2014
【分類號】：TP393.08

【參考文獻】

相關(guān)期刊論文 前10條

1 楊丹;胡光岷;李宗林;姚興苗;;全局的多流量相關(guān)異常檢測算法[J];電子科技大學學報;2008年06期

2 趙繼印;鄭蕊蕊;吳寶春;李敏;;脫機手寫體漢字識別綜述[J];電子學報;2010年02期

3 吳海龍,梁逸曾,俞汝勤;分析化學計量學[J];分析試驗室;1999年06期

4 胡海波;王科;徐玲;汪小帆;;基于復雜網(wǎng)絡(luò)理論的在線社會網(wǎng)絡(luò)分析[J];復雜系統(tǒng)與復雜性科學;2008年02期

5 聶重重;吳海龍;卿湘東;李元娜;李勇;許慧;朱紹華;俞汝勤;;三維熒光二階校正法快速測定環(huán)境水體和淤泥樣中麥穗寧殘留量[J];環(huán)境化學;2011年11期

6 相潔;陳俊杰;;基于SVM的fMRI數(shù)據(jù)分類:一種解碼思維的方法[J];計算機研究與發(fā)展;2010年02期

7 鄭黎明;鄒鵬;賈焰;;多維多層次網(wǎng)絡(luò)流量異常檢測研究[J];計算機研究與發(fā)展;2011年08期

8 程萬里;李偉生;;基于Gabor-2DLDA方法的人臉識別研究[J];計算機工程與應用;2008年35期

9 李漢彪;劉淵;;一種SVM入侵檢測的融合新策略[J];計算機工程與應用;2012年04期

10 劉銘;俞能海;李衛(wèi)海;周浩;;基于張量分解的數(shù)字圖像取證[J];計算機工程;2011年08期

相關(guān)博士學位論文 前1條

1 劉亞楠;多模態(tài)特征融合和變量選擇的視頻語義理解[D];浙江大學;2010年

本文編號：1788607