A Network Traffic Anomaly Detection Method Based on Cycle Prediction and Learning

An anomaly detection and network traffic technology, applied in the field of network security, can solve problems such as increasing algorithm complexity and predicting false alarm rate, and achieves the effect of avoiding excessive false alarm rate, reducing false alarm rate, and avoiding abnormal false alarm.

Active Publication Date: 2021-08-13
STATE GRID GASU ELECTRIC POWER RES INST +2
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] In view of the problems of the above research, the purpose of the present invention is to provide a network traffic anomaly detection method based on cyclic prediction and learning, which solves the problem in the prior art based on a large number of characteristic indicators and long-term periods, and adopts classification and prediction models to detect abnormal network traffic. Detection will increase the complexity of the algorithm and the problem of predicting the false positive rate

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A Network Traffic Anomaly Detection Method Based on Cycle Prediction and Learning
  • A Network Traffic Anomaly Detection Method Based on Cycle Prediction and Learning

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0060] The present invention uses hardware probes to collect data traffic. The network traffic data in this experiment comes from the normal traffic data collected in CERNET in 2017. We select the TCP downstream traffic characteristic index (TCPINBYTES characteristic index) for implementation. The embodiment selects the TCPINBYTES raw data part from 9:42 to 10:30 on November 12, the time period is one minute, and L=10.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a network traffic abnormal detection method based on cyclic prediction and learning, belongs to the field of network security, and solves the problems of increasing the complexity of the algorithm and the prediction false alarm rate in the prior art. Based on the first continuous time period, the invention collects the sampling values ​​of the characteristic indexes in each time period, and performs smooth correction on the time series; The predicted value of the feature indicators in a continuous time period; the predicted deviation rate of the indicator in each time period is calculated based on the predicted value and the sampled value of the feature index in the second continuous time period, and the predicted deviation obtained according to all the predicted deviation rates The positive and negative values ​​of the rate; the abnormality is judged according to the predicted deviation rate of the characteristic index in the continuous time period to be judged and the positive and negative values ​​of the predicted deviation rate. The present invention is used for detecting abnormality of network traffic.

Description

technical field [0001] The invention discloses a network traffic anomaly detection method based on cyclic prediction and learning, which is used for detecting network traffic anomalies and belongs to the field of network security. Background technique [0002] With the continuous development of the Internet, the scale of the network is expanding day by day, and the number of network services carried by it is gradually increasing. Network security has become a growing concern. Abnormal network traffic refers to the network traffic pattern that adversely affects the normal use of the network. Network scanning, DDOS attacks, network worms, malicious downloads, physical link damage, etc. will all cause abnormal network traffic. Abnormal network traffic is often accompanied by serious consequences, such as occupation of network resources, network congestion, resulting in packet loss and increased delay; occupation of device system resources (CPU, memory, etc.), and network facil...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L12/24
Inventor 赵博张小敏段军红张华峰闫晓斌张驯张小东袁晖赵金雄李志茹魏峰党倩李方军宋曦尚闻博孙碧颖张文轩杨凡高丽娜
Owner STATE GRID GASU ELECTRIC POWER RES INST
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap