Network abnormity detection method

A detection method and technology for network anomalies, applied in the field of network communication, can solve the problems of inability to obtain effective results, complex method models, and inability to detect abnormal behavior types, saving time, wide application, and improving detection efficiency.

Inactive Publication Date: 2015-05-13
SHANGHAI DIANJI UNIV
View PDF2 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] However, for the above methods, the model of the first method is relatively simple and cannot detect more abnormal behavior types; for the second method, since the confidence interval needs to be artificially set through experience, more failures and experience are required To generate a credible confidence interval; the third method

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network abnormity detection method
  • Network abnormity detection method
  • Network abnormity detection method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025] In order to make the content of the present invention more clear and understandable, the content of the present invention will be described in detail below in conjunction with specific embodiments and accompanying drawings.

[0026] figure 1 A network anomaly detection method based on clustering and outlier detection according to a preferred embodiment of the present invention is schematically shown.

[0027] Specifically, as figure 1 As described, the network anomaly detection method based on clustering and outlier detection according to a preferred embodiment of the present invention includes:

[0028] The first step S1 is used to determine the attributes of the MIB (Management Information Base, Management Information Base) data to be clustered according to the network to be detected, and generate an attribute vector X; wherein, for example, each component of the attribute vector is each in the MIB attribute variable.

[0029] The second step S2 is to sample MIB da...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a network abnormity detection method. The method comprises the following steps: 1, determining attribute of clustered MIB (Management Information Base) data according to a to-be-detected network to generate an attribute vector X; 2, sampling the MIB data in a predetermined time; 3, executing clustering analysis treatment on the acquired MIB data; IV, executing outlier detection on a clustering analysis treatment result, wherein the cluster of which the number of members in the clustering analysis treatment result is smaller than a specified threshold value is judged to be an isolated event in the step IV, and occurrence of network abnormity in the time corresponding to the isolated event is judged.

Description

technical field [0001] The present invention relates to the field of network communication, more specifically, the present invention relates to a network anomaly detection method based on clustering and outlier detection, in which the management information database generated by routers is used to find network anomalies, which can be widely used in network faults discovery and intrusion detection etc. . Background technique [0002] In 1980, James P.Anderson classified network threats and elaborated the concept of network anomaly detection for the first time. From 1984 to 1985, Denning et al. of George London University developed the first real-time intrusion detection system model IDES (Intrusion Detection Expert System). One of the most influential systems in detection. MIDAS (Multics Intrusion Detection and Alerting System) developed in 1990 is a real-time anomaly detection system provided to the network host of the National Security Computing Center. Although it is ma...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/26
Inventor 赵雷
Owner SHANGHAI DIANJI UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap