| 基于局部投影降噪和FSVDD的网络流量异常检测 |
| |
| 引用本文: | 温祥西,孟相如,马志强,康巧燕.基于局部投影降噪和FSVDD的网络流量异常检测[J].计算机应用研究,2013,30(5):1523-1526. |
| |
| 作者姓名: | 温祥西 孟相如 马志强 康巧燕 |
| |
| 作者单位: | 1. 空军工程大学 空管与领航学院, 西安 710051; 2. 空军工程大学 信息与导航学院, 西安 710077 |
| |
| 基金项目: | 国家自然科学基金资助项目(61003252); 全军军事学研究生课题资助项目(2011JY002-524); 空军工程大学创新基金资助项目(201105) |
| |
| 摘 要: | 现有残差比较等异常检测方法只能在突变阶段检测异常, 检测率较低。综合考虑网络流量中包含的所有特征, 对网络中的多种协议流量指标分别进行局部投影降噪处理, 将各流量分解为流量趋势部分和噪声流量部分, 以这两部分为参量通过支持向量数据描述建立检测模型, 并通过对样本的模糊化处理提高模型的泛化性。实验表明该方法适合于检测拒绝服务攻击引起的流量异常, 与传统的阈值比较方法相比能够获得更高的异常检测率和更低的误报率。
|
| 关 键 词: | 局部投影降噪 模糊逻辑 支持向量数据描述 异常检测 |
Network traffic anomaly detection based on local projection denoise and FSVDD |
| |
| WEN Xiang-xi,MENG Xiang-ru,MA Zhi-qiang,KANG Qiao-yan.Network traffic anomaly detection based on local projection denoise and FSVDD[J].Application Research of Computers,2013,30(5):1523-1526. |
| |
| Authors: | WEN Xiang-xi MENG Xiang-ru MA Zhi-qiang KANG Qiao-yan |
| |
| Affiliation: | 1. Air Traffic Control & Navigation College, Air Force Engineering University, Xi'an 710051, China; 2. Institute of Information & Navigation, Air Force Engineering University, Xi'an 710077, China |
| |
| Abstract: | The present network traffic anomaly detection methods such as residual detection could detect anomaly at the break moment only, the detection rate was low. This paper denoised the multiple protocols of network traffic by local projection me-thod, it decomposed the traffic into trend part, and noise part and considered them in the detection. It also established the detection model by SVDD, and introduced the fuzzy logic to enhance the model's generalization. The experiments on DoS attacks detection show that the proposed method can detect the anomaly well. Compared to the traditional methods, it gets higher detection rate and lower false alarm rate. |
| |
| Keywords: | local projection denoise fuzzy logic SVDD anomaly detection |
|
| 点击此处可从《计算机应用研究》浏览原始摘要信息 |
|
点击此处可从《计算机应用研究》下载全文 |
|
