WEB abnormal traffic monitoring method based on integrated learning

An integrated learning and abnormal traffic technology, applied in the field of machine learning, can solve problems such as noise data interference, denial of service attacks, manual update of feature database, etc., and achieve high precision, integrity and reliability

An integrated learning and abnormal traffic technology, applied in the field of machine learning, can solve problems such as noise data interference, denial of service attacks, manual update of feature database, etc., and achieve high precision, integrity and reliability

CN107294993AActive Publication Date: 2017-10-24CHONGQING UNIV OF POSTS & TELECOMM
5 Cites 25 Cited by

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • WEB abnormal traffic monitoring method based on integrated learning
  • WEB abnormal traffic monitoring method based on integrated learning
  • WEB abnormal traffic monitoring method based on integrated learning

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0046] The technical solutions in the embodiments of the present invention will be described clearly and in detail below with reference to the drawings in the embodiments of the present invention. The described embodiments are only some of the embodiments of the invention.

[0047] The technical scheme that the present invention solves the problems of the technologies described above is:

[0048] The present invention proposes a model for solving abnormal traffic monitoring. figure 1 Shown is a flowchart of the entire model. Preprocess the data set, such as segmenting symbols such as "&" and "=", and extract valid information in URLs to improve processing efficiency. figure 2 Cutting examples for URLs. The processed data are feature extracted by statistical methods such as mutual information and information entropy. After the construction of the feature engineering, according to the different nature of the visit, the data sets with different characteristics are constructed ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention sets forth a WEB abnormal traffic monitoring method based on integrated learning. The method comprises five processes of data preprocessing, construction of feature engineering, data set reconstruction, establishment and fusion of a model and model test. The data preprocessing refers to valid information extraction on URL (Uniform Resource Locator) data. The construction of feature engineering refers to extraction and construction of URL features by adopting a statistical method of information entropy, mutual information or the like. After the feature engineering is constructed, a data set is adjusted for different access properties, and input to four machine learning algorithms of XGBost, LightGBM and the like for supervised learning. After learning devices are constructed, the learning devices are integrated by adopting a Bagging framework. Based on the original data set, a data set is reselected for classified prediction, labels are decided in a most voting manner, and the accuracy of the model is inspected. In the process of using the model, a URL is input to the model, five sub-models in the model give respective label probability, and the label having the highest probability is given as a final label.

Description

technical field [0001] The invention belongs to the technical field of machine learning, and specifically relates to various statistical algorithms and machine learning algorithms. The algorithm adopts a new feature extraction method, innovatively integrates statistics and machine learning algorithms, and realizes the monitoring of WEB abnormal traffic. Background technique [0002] 1. Network security issues in the information age [0003] Today, with the explosion of information, the scale of computer networks and the number of Internet users have reached an unprecedented scale, and what follows is that the problem of network security has become more prominent. As the most important means of defending against network attacks, the development and upgrading of abnormal traffic monitoring is imminent. After more than 20 years of development, the research on traffic monitoring has evolved into many branches. However, in practical applications, the effect is not satisfactory. ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
24 Oct 2017
Publication
CN107294993A
IPC
H04L29/06
CPC
H04L63/1416; H04L63/1425
Inventors
李智星; 沈柯