Real-time network flow anomaly detection method based on big data

A real-time network traffic anomaly detection technology, applied in the fields of data exchange networks, digital transmission systems, electrical components, etc. It addresses the problems of a reduced success rate of network attack detection, the resulting losses, and the large amount of time and computing power required, and achieves accurate detection of network traffic anomalies, a reduced false positive rate and improved computing power.

Inactive Publication Date: 2020-05-05
SHANGHAI MARITIME UNIVERSITY
11 Cites, 18 Cited by

AI Technical Summary

Problems solved by technology

If only part of the network transmission data is monitored and analyzed, the success rate of network attack detection is greatly reduced. Once the LAN is breached, it brings various huge and unexpected losses.
However, processing all the data globally and in real time takes a lot of time and powerful computing power.


Embodiment Construction

[0034] Specific embodiments of the present invention will be further described below in conjunction with the accompanying drawings.

[0035] The present invention provides a real-time network traffic anomaly detection method based on big data, which can process and analyze network traffic through big data analysis technology, predict the time and attack type of network attacks, and then take effective preventive measures to prevent them.

[0036] As shown in Figure 1, the method provided by the embodiment of the present invention includes the following steps:

[0037] (1) Step S1. Read the collected and analyzed attack-type traffic data with attack tags stored in the database, and remove the attack-type tag from the data. Removing the attack-category label here does not mean that the labels will go unused: because an unsupervised clustering algorithm is used, the label category is not used here, but it will be used in the model evaluation in step S3, which can be passed throug...


Abstract

The invention discloses a real-time network flow anomaly detection method based on big data, which comprises the following steps: S1, obtaining collected and analyzed historical flow data with attack tags stored in a database to obtain attack types; S2, performing data feature preprocessing on the historical traffic data in S1, and constructing a first class of feature vectors; S3, constructing a clustering model based on the first class of feature vectors in S2, and obtaining a target model meeting a preset condition by utilizing model evaluation and optimization; S4, storing the target model obtained in S3 and deploying the target model online; S5, capturing and collecting real-time network data flow packet information transmitted in a local area network; S6, performing data feature preprocessing on the real-time network data traffic packet in S5, and constructing a second type of feature vectors; and S7, according to the target model in S3 and the second type of feature vectors in S6, performing real-time online analysis and detection, and judging whether the current real-time network data traffic is abnormal traffic or normal traffic.
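An added sketch of the S1-S7 pipeline from the abstract above; it is not code from the patent. The text here names only "a clustering model" and "a preset condition", so k-means, cluster purity measured against the withheld attack tags, the three flow features and the sample flows are all assumptions made for illustration.

```python
import math
from collections import Counter
# Constructed sample data (S1). The three features are assumptions, not the patent's:
# (packets per second, mean packet size in bytes, distinct destination ports).
HISTORY = [
    ((40, 800, 2), "normal"), ((55, 760, 3), "normal"), ((35, 900, 1), "normal"),
    ((60, 820, 2), "normal"), ((900, 64, 1), "flood"), ((1100, 60, 2), "flood"),
    ((950, 70, 1), "flood"), ((80, 90, 400), "scan"), ((70, 80, 520), "scan"),
    ((90, 100, 450), "scan"),
]

def fit_scaler(rows):  # per-feature (minimum, span); a constant column gets span 1
    return [(min(c), (max(c) - min(c)) or 1.0) for c in zip(*rows)]

def scale(row, scaler):
    return tuple((v - lo) / span for v, (lo, span) in zip(row, scaler))
def nearest(x, centroids):
    return min(range(len(centroids)), key=lambda i: math.dist(x, centroids[i]))

def kmeans(points, k, iters=20):
    cents = [points[0]]                      # deterministic farthest-point seeding
    while len(cents) < k:
        cents.append(max(points, key=lambda p: min(math.dist(p, c) for c in cents)))
    for _ in range(iters):
        groups = [[] for _ in range(k)]
        for p in points:
            groups[nearest(p, cents)].append(p)
        cents = [tuple(sum(d) / len(g) for d in zip(*g)) if g else c
                 for g, c in zip(groups, cents)]
    return cents

def train(history, min_purity=0.95, max_k=5):
    rows = [features for features, _ in history]   # S1: tags withheld from clustering
    scaler = fit_scaler(rows)
    pts = [scale(r, scaler) for r in rows]         # S2: first class of feature vectors
    for k in range(2, max_k + 1):                  # S3: raise k until purity target met
        cents = kmeans(pts, k)
        votes = [Counter() for _ in range(k)]
        for p, (_, tag) in zip(pts, history):      # tags used only for evaluation
            votes[nearest(p, cents)][tag] += 1
        purity = sum(max(v.values(), default=0) for v in votes) / len(pts)
        if purity >= min_purity:                   # S4: this dict is the stored model
            names = [v.most_common(1)[0][0] if v else "unknown" for v in votes]
            return {"k": k, "scaler": scaler, "centroids": cents, "labels": names}
    raise ValueError("no k up to max_k met the purity target")

def detect(model, flow):                           # S5-S7: score one live flow
    tag = model["labels"][nearest(scale(flow, model["scaler"]), model["centroids"])]
    return tag != "normal", tag
```

With two clusters the scan and normal flows merge and purity is 0.7, so the search only accepts the model at k = 3; `detect` returns an (is_abnormal, cluster tag) pair for each live flow.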

Description

Technical field

[0001] The invention relates to the technical field of computer application to Internet security, and in particular to a method for detecting network traffic anomalies based on a big data environment.

Background technique

[0002] The current network security situation is extremely severe, and more and more network attacks have been reported, which has brought serious network security threats to key enterprises, individuals and important departments. The advanced persistent threat (APT) can easily evade identification by traditional detection technologies by taking advantage of its strongly targeted, camouflaged and staged characteristics. New attack methods and technologies emerge in an endless stream, making the general intrusion prevention system unable to effectively match and identify them. At the same time, any network attack is transmitted through the network, and there must be related data packet transmission between t...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L12/24
CPC: H04L41/14, H04L63/1416, H04L63/1425
Inventor: 李中耀, 宋安军
Owner: SHANGHAI MARITIME UNIVERSITY