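Research on network traffic anomaly detection in large data environment
PU Xiaochuan
Abstract:
To address the low detection accuracy and long detection time of traditional network traffic anomaly detection models, a network traffic anomaly detection model for the big data environment is designed. First, the current state of research on network traffic anomaly detection is analyzed to identify the causes of the shortcomings of existing detection models. Then, a network traffic anomaly detection model based on the least squares support vector machine is designed on the Hadoop platform. Finally, network traffic anomaly detection experiments are carried out on the Matlab 2014 platform. The experimental results show that the model can accurately detect network traffic anomalies, obtains better network traffic anomaly detection results than other models, and has higher practical application value.
Keywords: network security; traffic anomaly detection; Hadoop platform; least squares support vector machine; big data environment; detection model
Foundation: Guizhou Provincial Science and Technology Joint Fund Project (Qiankehe LH Zi [2016] No. 7023)
Author: PU Xiaochuan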
DOI: 10.16652/j.issn.1004-373x.2018.03.020