[1] ZHU Jia-jia, CHEN Jia. An Anomaly Detection Method Based on Entropy and SVM Multi-class Classifier[J]. Computer Technology and Development, 2016, 26(03): 31-35.

An Anomaly Detection Method Based on Entropy and SVM Multi-class Classifier

Computer Technology and Development [ISSN: 1006-6977 / CN: 61-1281/TN]

Volume: 26
Issue: 03, 2016
Pages: 31-35
Column: Intelligence, Algorithms, Systems Engineering
Publication date: 2016-03-10

Article Info

Title: An Anomaly Detection Method Based on Entropy and SVM Multi-class Classifier
Article number: 1673-629X(2016)03-0031-05
Author(s): ZHU Jia-jia, CHEN Jia
Affiliation: School of Electronic and Information Engineering, Beijing Jiaotong University
Keywords: anomaly detection, information entropy, one-to-all classification
Classification number: TP301
Document code: A
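Abstract (translated from the Chinese):
With the arrival of the big data era, a variety of data mining and machine learning methods have been widely applied to anomalous traffic detection. This paper studies anomalous traffic detection methods and proposes a detection method based on entropy and an improved SVM multi-class classifier. The method uses entropy values to quantify each attribute of network traffic, abstracts anomalous traffic detection as a classification problem over different types of traffic, and improves the traditional one-versus-rest (one-to-all) SVM multi-class classifier. The improved SVM multi-class classifier makes a classification decision on the entropy-quantified traffic, and anomalies are captured according to the classification result. The method was applied to a real anomalous traffic detection system and tested; the results show that it detects the anomalous traffic commonly seen in networks well.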
Abstract:
With the advent of the age of big data, data mining and machine learning methods have gradually replaced the traditional methods of anomaly detection, which have gained more attention. In this paper, a new method of detecting anomalous traffic based on information entropy and SVM is proposed. This method transforms anomaly detection problems into the classification of different types of traffic, and uses information entropy to quantify different attributes of network traffic. It puts forward an improved SVM multi-class classifier to classify the entropy-quantified traffic and judges the anomalies accordingly. This method is implemented in a real system and a function test is carried out. The results show that the method has a good detection effect for the abnormal traffic of the Internet.


Last Update: 2016-05-24