Network traffic abnormality detection method and system

A network traffic and anomaly detection technology, applied in the field of network information security, can solve the problems of low accuracy of network traffic anomaly detection, not considering the impact of historical information, etc., to achieve the effect of improving accuracy

Inactive Publication Date: 2017-02-15
GUANGDONG UNIV OF TECH
View PDF5 Cites 49 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the existing methods have the following disadvantages: For the collected network traffic data samples, a single traffic data sample is used as the input sample for model training during model training. This method does not consider the influence of historical information on current data, so the network The accuracy of traffic anomaly detection is low

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network traffic abnormality detection method and system
  • Network traffic abnormality detection method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0054] In order to enable those skilled in the art to better understand the technical solutions in the present invention, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the drawings in the embodiments of the present invention. Obviously, the described The embodiments are only some of the embodiments of the present invention, not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts shall fall within the protection scope of the present invention.

[0055] An embodiment of the present invention provides a network traffic anomaly detection method, including:

[0056] Sampling network traffic to obtain a time series composed of traffic data samples;

[0057] Extracting a sample subsequence from the time series with a time window of a preset scale;

[0058] Inputting the sample subs...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a network traffic abnormality detection method and system. The method comprises the steps of sampling network traffic, thereby obtaining time sequences composed of traffic data samples through sampling; extracting sample subsequences from the time sequences according to time windows of preset sizes; inputting the sample subsequences into a classification model for model training by taking the sample subsequences as input samples, thereby determining parameters of the classification model; and testing to obtain normal and abnormal classification results of the network traffic according to the classification model of which parameters are determined. According to the network traffic abnormality detection method and system provided by the invention, the extracted time sequence composed of the traffic data samples are taken as the samples for model training and classification detection, the fact that network traffic changes have continuity and correlation in time is taken into consideration, and time information is introduced into abnormal traffic detection and classification. Compared with the prior art, the method and the system have the advantage that the accuracy of carrying out abnormal behavior detection on the network traffic can be improved.

Description

technical field [0001] The invention relates to the technical field of network information security, in particular to a method and system for detecting network traffic anomalies. Background technique [0002] With the development of computer network technology and the continuous expansion of the coverage of network facilities, the network system is becoming more and more complex, and the network equipment is becoming more and more diverse, which increases the chance of abnormal network traffic. Abnormal network traffic refers to the situation where the traffic behavior of the network deviates from its normal behavior. Abnormal network traffic will bring great harm to the network and the computers on the network. Reliability and availability are of great significance. [0003] In recent years, the detection methods for network traffic anomalies are mostly using machine learning methods to train models. These studies use K-Means clustering methods, Support Vector Machines (Su...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/24H04L12/26
CPCH04L43/04H04L41/145H04L43/08
Inventor 刘文印程敏李青
Owner GUANGDONG UNIV OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap